Security News > 2021 > December > Phishing attacks impersonate Pfizer in fake requests for quotation
Threat actors are conducting a highly targeted phishing campaign impersonating Pfizer to steal business and financial information from victims.
In a new report by INKY, researchers explain that threat actors are impersonating Phizer in a phishing email campaign that started around August 15, 2021.
The actors behind this campaign are diligent in their phishing operations, combining "Clean" PDF attachments with newly registered domains that appear as official Pfizer online spaces.
Because of the galloping spread of new COVID-19 variants, phishing actors don't have much difficulty encapsulating a sense of urgency in these emails.
The PDF isn't laced with malware-dropping links or phishing URLs that would raise flags on email security tools and doesn't contain any typos that would make the fraud obvious.
If the person does not work at the firm or is unaware of these emails, you can ignore the requests and delete the emails.
News URL
Related news
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- GenAI makes phishing attacks more believable and cost-effective (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Inside the incident: Uncovering an advanced phishing attack (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)