1. Forum
  2. FidoNet
  3. CONSPRCY

  • Morphing phishing campaig

    From Mike Powell@1:2320/105 to All on Sat Mar 29 08:39:00 2025
    This new phishing campaign can tailor its messages to target you with your favorite businesses

    Date:
    Fri, 28 Mar 2025 15:03:00 +0000

    Description:
    Security researchers from Infoblox found a new phishing kit called Morphing Meerkat.

    FULL STORY

    Cybercriminals have created a new technique to serve phishing emails to business users which are almost indistinguishable from legitimate messages.

    Cybersecurity researchers Infoblox spotted the Phishing-as-a-Service (PhaaS) kit, built by a threat actor dubbed Morphing Meerkat, which deploys DNS Mail exchange (MX) records, dynamically serving fake login pages.

    The technique allows them to spoof more than 100 different brands, making it quite a potent offering for cybercriminals.

    Morphing Meerkats PhaaS platform and phishing kits are unique compared to others because they dynamically serve phishing login webpages based on the
    DNS MX record of each victims email domain, the researchers explained, saying that it lets the attackers display web content strongly related to the
    victims email service provider.

    The overall phishing experience feels natural because the design of the
    landing page is consistent with the spam emails message, they added.

    Morphing Meerkat hasnt exactly drawn much attention to itself yet, which
    might sound rather surprising given the fact that it sent thousands of spam emails from servers mostly located in the UK and the United States.

    However, the researchers said the operation is difficult to detect at scale, since the attackers know where security blind spots are, and have been exploiting them via open redirects on adtech, DoH communication, and popular file-sharing services.

    To protect themselves, organizations should add a strong layer of DNS
    security to their systems, Infoblox concludes, which includes tightening DNS controls and not allowing users to communicate with DoH servers.

    If companies can reduce the number of unimportant services in their network, they can reduce their attack surface, giving few options to cybercriminals
    for threat delivery, Infoblox concluded.

    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/this-new-phishing-campaign-can-tailor-i ts-messages-to-target-you-with-your-favorite-businesses

    $$
    --- SBBSecho 3.20-Linux
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)