Crafty Phishing Campaigns Auto-Adapt to Victim’s Device, OS

Crafty Phishing Campaigns Auto-Adapt to Victim’s Device, OS
Threat actors are using platform-aware phishing campaigns that fingerprint victims’ devices and operating systems to deliver tailored payloads after a click. Cofense found these attacks can serve different malware, disguise landing pages as trusted services, and increase attacker profits by adapting to Windows, macOS, Android, and other environments. #Cofense #FleetDeck #TifluxRAT #Telegram #Cloudflare #FIDO2 #ConnectWise

Keypoints

  • Threat actors now adapt phishing campaigns to the victim’s device and operating system.
  • Landing pages fingerprint user-agent data to gather device, browser, language, time, and geolocation details.
  • Attackers can deliver different payloads, such as FleetDeck for macOS or Tiflux RAT for Windows.
  • Phishing pages mimic trusted brands like Google, Docusign, Microsoft Teams, Adobe, and Zoom.
  • Security teams should use FIDO2, train employees, and unify monitoring across Windows, Mac, and mobile.

Read More: https://www.darkreading.com/application-security/phishing-campaigns-auto-adapt-victims-device-os