During recent analysis, Wapack analysts discovered a sales lead email from app.lead411.com. Lead411 is a sales lead generation tool that mines open sources for opportunities. Hackers have been known to apply such tools for a lesser known use-case: pre-attack reconnaissance. In this case, a bad actor signed up for a lead411 account and is using it to identify potential victims for future targeting and topics or issues that can be used to lend legitimacy to a phishing email or possible CEO fraud.Wapack Labs has cataloged and reported extensively on reconnaissance in the past. An archive of related reporting can be found in the Red Sky Alliance portal.
