Increase in the number of phishing messages pointing to IPFS and to R2 buckets, (Thu, Mar 14th)

Credential-stealing phishing is constantly evolving, nevertheless, some aspects of it – by necessity – stay the same. One thing, which is constant, is the need for a credential gathering mechanism, and although threat actors have come up with a number of alternatives to simply hosting a fake login page somewhere (e.g., using a third-party “forms” service[1] or attaching an entire phishing page to an e-mail[2]), the old approach of placing a phishing page on an internet-connected server and linking to it from e-mail messages is commonly used to this day.

This article has been indexed from SANS Internet Storm Center, InfoCON: green

Read the original article: