Phishing Campaigns Targeting USPS See as Much Web Traffic as the…

216.73.217.80

Phishing Campaigns Targeting USPS See as Much Web Traffic as the USPS Itself

· Published 29/04/2024 19:15 · Modified 01/05/2024 23:07

Essential information

Published: 29/04/2024 19:15
Modified: 01/05/2024 23:07
Tags: amazon cobalt strike dll file dns query icedid javascript file lsass powershell sharefinder usps
Related entities: 34 observables, 8 techniques (mitre), 3 malware

Description

Following the 2023 holiday season, Akamai researchers uncovered a significant amount of highly likely malicious activity and domains purporting to be associated with the United States Postal Service (USPS). Akamai researchers compared five months of DNS traffic to the legitimate domain, usps.com, with DNS traffic to illegitimate combosquatted domain names.

External references

https://www.akamai.com/blog/security-research/2024/apr/phishing-usps-malicious-domains-traffic-equal-to-legitimate-traffic
https://otx.alienvault.com/pulse/662ff1ec26bd06238df792e8

Phishing Campaigns Targeting USPS See as Much Web Traffic as the USPS Itself

Essential information

Description

Related entities

Observables (34)

Techniques (MITRE) (8)

Malware (3)

External references