Saturday, February 21, 2026

Operation DoppelBrand - The Phishing Campaign that Cloned 150 Fake Bank Domains

 


This week, cybersecurity researchers uncovered a large-scale phishing campaign targeting major financial brands — including Wells Fargo and USAA.


Dubbed Operation DoppelBrand by SOCRadar, the campaign is tied to a threat actor known as GS7. Attackers created more than 150 lookalike domains that cloned banking login pages nearly pixel-for-pixel.


Victims who clicked phishing emails had their credentials instantly forwarded to attacker-controlled Telegram bots.


Even more concerning? The group allegedly used legitimate remote management tools like LogMeIn Resolve to maintain access — and potentially resell it.


Phishing isn’t sloppy anymore. It’s automated. Scalable. Industrialized.


I’m Peter — bringing you Saturday Security Stories.




https://socradar.io/blog/operation-doppelbrand-fortune-500-campaign/
