Since July 2021, WMC Global analysts have been tracking an emerging threat actor known as MRWEEBEE who is creating and selling phishing kits targeting customers of banks and credit unions in the United States. WMC Global threat analysts have been monitoring MRWEEBEE closely by investigating the threat actor’s tactics, techniques, and procedures (TTPs) found in their phishing kits. WMC Analysts paid close attention to how MRWEEBEE's kits collect personal identifiable information (PII), email credentials, banking details, payment information, and how they evade detection with extensive bot blocking.

On December 1^st, WMC Global encountered a large-scale email phishing campaign targeting Microsoft Office 365’s voicemail functionality. The email subject, “Voiceᴍᴀɪʟ,” uses several Latin characters in an attempt to bypass email filtering systems. The attack was live until December 4^th.