Security News > 2021 > December > Phishing attacks impersonate Pfizer in fake requests for quotation
Threat actors are conducting a highly targeted phishing campaign impersonating Pfizer to steal business and financial information from victims.
In a new report by INKY, researchers explain that threat actors are impersonating Phizer in a phishing email campaign that started around August 15, 2021.
The actors behind this campaign are diligent in their phishing operations, combining "Clean" PDF attachments with newly registered domains that appear as official Pfizer online spaces.
Because of the galloping spread of new COVID-19 variants, phishing actors don't have much difficulty encapsulating a sense of urgency in these emails.
The PDF isn't laced with malware-dropping links or phishing URLs that would raise flags on email security tools and doesn't contain any typos that would make the fraud obvious.
If the person does not work at the firm or is unaware of these emails, you can ignore the requests and delete the emails.
News URL
Related news
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks (source)
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)