Threat actors are conducting a phishing campaign impersonating Pfizer to steal sensitive information from individuals and organizations. Like many other phishing campaigns, the threat actors have created domains that look like they may be legitimate and send emails that invoke a sense of urgency. The initial emails ask an organization to provide Pfizer with a quote for a purchase of equipment and come with a PDF document that discusses due dates, payment terms, and other details that constitute a legitimate request for quotation. The document looks valid and can bypass security tools because it does not contain malware-dropping tools. It is likely a social engineering plot to lure victims in and gain financial information from future interactions. Victims are asked to send their quotes to the newly registered domain addresses created by the threat actors.