- The phishing campaign targeted 500 mailboxes of employees from a national travel organization.
- The email comes with the subject line - "We noticed some unusual activity" - pretending to be from LinkedIn.
- However, the attackers have misspelled LinkedIn and the domain was created on March 6.
- The phishing campaign bypassed detection by Google’s email security controls after passing authentication checks via DMARC and SFP.
- The campaign leveraged brand impersonation, social engineering, malicious URLs, and existing business workflow replication.
don't miss out
Create a Free Account
Free! Authentication Training Sessions
Free! Access to Vendor Process FAQs
Free! Join Weekly
Free! Resource Library w/Validation Resources & More!
+ You're Ready to Enroll in 56+ Training Sessions