Security News > 2021 > December > Phishing attacks impersonate Pfizer in fake requests for quotation
Threat actors are conducting a highly targeted phishing campaign impersonating Pfizer to steal business and financial information from victims.
In a new report by INKY, researchers explain that threat actors are impersonating Phizer in a phishing email campaign that started around August 15, 2021.
The actors behind this campaign are diligent in their phishing operations, combining "Clean" PDF attachments with newly registered domains that appear as official Pfizer online spaces.
Because of the galloping spread of new COVID-19 variants, phishing actors don't have much difficulty encapsulating a sense of urgency in these emails.
The PDF isn't laced with malware-dropping links or phishing URLs that would raise flags on email security tools and doesn't contain any typos that would make the fraud obvious.
If the person does not work at the firm or is unaware of these emails, you can ignore the requests and delete the emails.
News URL
Related news
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Microsoft Teams phishing attack alerts coming to everyone next month (source)
- How to Prevent Phishing Attacks with Multi-Factor Authentication (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)