The aviation sector has been primarily targeted by Scattered Spider's latest social engineering attacks, with a broader aim at manufacturing, medical technology, and companies like Chipotle Mexican Grill. Researchers uncovered 500 domains that appear to spoof legitimate corporate login portals, indicating potential phishing infrastructure. These domains mimic actual login pages to deceive employees into revealing their credentials. The group behind these attacks has a history of making fake calls to IT support, enhancing the effectiveness of their social engineering schemes. The discovered domains suggest an expansive targeting strategy across various industries.
Check Point researchers recently uncovered 500 domains following Scattered Spider's naming conventions, designed to spoof legitimate corporate login portals like 'victimname-servicedesk.com'.
The loosely knit gang of criminals specializes in social engineering, making fake calls to IT helpdesks and tricking employees into providing login credentials.
Some domains impersonate a variety of companies, including manufacturing, medical technology, financial services, and enterprise platforms, suggesting a broad threat landscape.
Check Point has not confirmed all 500 websites as malicious, but their alignment with Scattered Spider's tactics indicates a strong intent to target.
Collection
[
|
...
]