A Large-Scale Phishing Campaign Targeting Users of Popular Brands

Security firm Bolster recently uncovered a large-scale phishing attack that has been active since June 2022. Hackers have been targeting users of hundreds of popular fashion, sports equipment, and wearable device brands by creating counterfeit websites designed to trick consumers into entering their account passwords and credit card information. Researchers have identified approximately 6,000 such websites, spanning over 3,000 domains. The peak of this attack occurred between January and February of this year.

Furthermore, researchers have noted that hackers frequently utilize domain names registered for over two years to carry out their attacks. This strategy leads Google’s search engine to perceive these websites as harmless, resulting in higher rankings for these phishing sites in search results.

This large-scale phishing campaign serves as a stark reminder of the importance of internet security. Consumers and brands need to remain vigilant to prevent their information from being stolen. Additionally, it is crucial to urge search engines like Google to enhance their scrutiny and verification processes for website legitimacy to prevent the proliferation of such phishing websites.