Intel Name: Phishing infrastructure impersonating cybersecurity vendors/vpn providers
Date of Scan: October 29, 2024
Impact: Medium
Summary: The report on “Phishing Infrastructure Impersonating Cybersecurity Vendors/VPN Providers” reveals a malicious campaign that targets users by impersonating well-known cybersecurity and VPN companies. The campaign features root domains named after various vendors and includes previously reported phishing incidents. Registered between June 26 and October 8, 2024, these domains have been hosted on seven unique IP addresses over the past month. Currently, most of these sites are displaying “503 service unavailable” or “internal server error” messages, indicating potential disruption in their operations.
