The group activity has overlaps with APT40, which has continued its “operational tempo” despite a previous indictment by the U.S. Department of Justice in 2021.
Attackers compromised some customer and employee accounts at Twilio through a text-based phishing campaign.
Microsoft has identified a long, widespread phishing campaign that stole session cookies to bypass MFA and led to BEC and payment fraud.
A $23.5 million phishing scheme was carried out in 2018 that impacted the U.S. Department of Defense.
U.S. election officials and other state and local government officials received invoice-themed phishing emails aiming to steal their credentials, warned the FBI.