Today must be the day of phishing. Already we have noted some American Express themed phishing, USPS themed shipping notifications and a host of other attempts.
These campaigns are so effective because people will click on the attachments and infect themselves.
Just to keep people in the loop here is what we have seen today.
American Express Incident (americanexpress@ampress[.]com) :
63.252.93[.]222 ironport2.hkusa.com
192.168.109[.]132 - Spoofed IP
spenix@zebucompliance.com
USPS Phishing Activity:
49.240.124[.]196
196.124.240.49.ap.yournet.ne[.]jp
https://elmundodelasaguas.gb.net/upst/?IQ= - Pattern in Email Content
elmundodelasaguas.gb.net
What is phishing?
The fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers or a vector to spread ransomware and viruses.