6 min read

UK Private School Applicants Targeted With Phishing Attack

By WMC Global Threat Intelligence Team on 11/21/22 12:54 PM

Topics: Phishing Phishing Kit Threat Intel Data Exfiltration
1 min read

Emerging Trends in SMS Phishing

By WMC Global Threat Intelligence Team on 11/8/22 10:15 AM

WMC Global's Ben Coon, VP of Threat Intelligence, and Bobby Preston, Threat Analyst and Sr. Business Development Manager, presented at SaintCon this October.

Topics: SMS Attack Kit Analysis Phishing Phishing Kit Threat Intel finance 2FA Two-Factor Authentication Voice Passwords SMS Phishing Credential Phishing smishing Vishing financial institutions
8 min read

Introducing MRWEEBEE

By WMC Global Threat Intelligence Team on 11/2/22 3:20 PM

Since July 2021, WMC Global analysts have been tracking an emerging threat actor known as MRWEEBEE who is creating and selling phishing kits targeting customers of banks and credit unions in the United States. WMC Global threat analysts have been monitoring MRWEEBEE closely by investigating the threat actor’s tactics, techniques, and procedures (TTPs) found in their phishing kits. WMC Analysts paid close attention to how MRWEEBEE's kits collect personal identifiable information (PII), email credentials, banking details, payment information, and how they evade detection with extensive bot blocking.

Topics: Phishing Phishing Kit Threat Intel Data Exfiltration Victim File Credential Phishing
6 min read

Threat Actor "Robin Banks" Phishing Kit Revisions

By WMC Global Threat Intelligence Team on 8/31/22 10:22 AM


In July, a report was released spotlighting a threat actor known as Robin Banks. WMC Global was also tracking this threat actor and noticed the scammer's attack infrastructure quickly went offline at the time of the article’s publication. It is possible this was done by the intel vendor or the threat actor trying to hide but may also have been an unknown party. Only a matter of weeks later, WMC Global analysts discovered Robin Banks was still operating and had rebuilt their backend phishing operation to be more resilient to takedowns, highlighting their awareness of the original article. 

Topics: SMS Attack Phishing Phishing Kit Threat Intel SMS Phishing Credential Phishing
7 min read

Evri- UK Package Delivery Scam

By WMC Global Threat Intelligence Team on 5/19/22 10:21 AM

Threat actors have found continuous success using package delivery services as SMS phishing lures since the start of the COVID-19 pandemic and package delivery phishing attacks are the number one harvester of credit cards that WMC Global is currently seeing. Scammers now gravitate towards any new courier as a lure because of the sheer effectiveness of the campaigns. These lures are often used to perform call back scams but consumers get wise to the same attack content, resulting in threat actors needing to diversify and increase their portfolio of campaigns. Introducing Evri, the latest UK courier company to be heavily targeted and brand abused for credential phishing attacks. 

Topics: Covid SMS Attack Phishing Kit Threat Intel Banking Courier Scam SMS Phishing Credential Phishing package delivery scam
12 min read

Microsoft Office 365 Voicemail Phishing Attack

By WMC Global Threat Intelligence Team on 12/9/21 10:00 AM

On December 1st, WMC Global encountered a large-scale email phishing campaign targeting Microsoft Office 365’s voicemail functionality. The email subject, “Voiceᴍᴀɪʟ,” uses several Latin characters in an attempt to bypass email filtering systems. The attack was live until December 4th. 

Topics: Phishing Phishing Kit Threat Intel Microsoft Office 365 Voicemail Voice Victim File Passwords
6 min read

Phishing Lures Imitate Government Bodies Offering COVID-19 Relief

By WMC Global Threat Intelligence Team on 8/11/21 8:31 AM

This blog is released in partnership with Mobile Ecosystem Forum (MEF), of which WMC Global is a proud member.

Topics: Covid Phishing Covid-19 Phishing Kit Threat Intel Government US Government UK Government NHS
4 min read

Cazanova Phisher Steals From Himself

By WMC Global Threat Intelligence Team on 8/14/20 10:30 AM

Using a variety of tools and techniques, WMC Global actively tracks threat actors engaged in credential phishing attacks—from canary detection to phishing site launch to the selling of compromised credentials, WMC Global monitors phishing activities the world over. 

Topics: Phishing Phishing Kit Cazanova Phoenix Coder Threat Intel