Tuesday, December 27, 2016

Google AdWords Phishing Campaign

Wapack Labs has discovered a new phishing campaign. While generally simplistic, it contains some elements of high sophistication. It is also fairly expensive to operate, which suggests it is a precursor to a more sophisticated and potentially harmful campaign. Wapack Labs conducted a brief tactical analysis and is providing this report for your situational awareness.
  • Search for “Facebook” in Google Chrome produced a link to a fake anti-virus malware. 
  • Facebook was notified of this activity.
  • A much more serious malware campaign targeting major social, retail, and online companies may be in the works...READ MORE
Publication Date: 19 December 2016
Handling Requirements: Traffic light protocol (TLP) GREEN
Attribution/Threat Actors: Google AD campaign phishing/unknown author
Actor Type:  Adversary capabilities have been assessed as Tier II
Industries Targeted: Financial, business and retail sectors
Past Reporting: Red Sky Alliance: DOC-2901
Companies Cited In This Report: Facebook, EBay, and Home Deport

The full report may be viewed in the Red Sky Alliance as DOC-4557.  
Contact Wapack Labs for more information.