Despite having an apparent lull in the first half of 2019, phishing will remain a staple in a cybercriminal’s arsenal, and they’re not going to stop using it. The latest example is a phishing campaign dubbed Heatstroke, based on a variable found in their phishing kit code. Heatstroke demonstrates how far phishing techniques have evolved — from merely mimicking legitimate websites and using diversified social engineering tactics — with its use of more sophisticated techniques such as steganography.
The way Heatstroke’s operators do research on their potential victims is notable. They aim for their victim’s private email addresses, which they most likely collected from the victim’s own address list, which also includes managers and employees in the technology industry. Private email addresses are more likely to be hosted on free email services with lax security and spam filtering.
Source: Trend Micro