New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


Phishing Campaign Targets Wildfire Victims

Researchers have discovered a new phishing campaign targeting victims of the California wildfires. In this campaign, the primary targets are victims in Northern and Southern California that work in accounting, administration, and finance. The victim first receives an email with the attacker masquerading as a CEO of a company. The “CEO” informs the employee that their clients have been affected by the wildfires and that they need assistance. The attacker notifies the victim that this is urgent and asks them to help by purchasing four $500 Google Play gift cards and to send them the codes on the cards. The note has several grammatical errors and many typos which makes this scam even easier to spot.

Analyst Notes

When receiving an email from an unfamiliar source, users are advised to confirm that the email actually came from that source. This can be done by making a phone call to the sender or asking the sender in person. In this particular campaign, the attacker is requesting the victim to make a purchase and send card numbers for the Google Play store. This doesn’t make any sense as something that would help wildfire victims.