"Standard phishing methods typically require threat actors to craft and deliver emails to a wide audience. These methods are relatively easy for mailbox providers to detect and block, as they can be quickly identified by their origin and content."
"In this case, however, the threat actors exploit a vendor feature to deliver their messages. The emails are sent from a verified source and follow an identical template to legitimate messages, such as a standard PayPal payment request. This makes them difficult for mailbox providers to distinguish from genuine communications, leaving PayPal as potentially the only entity capable of mitigating the issue."
Collection
[
|
...
]