Researchers have uncovered a sophisticated large-scale phishing campaign targeting clients of Aruba S.p.A., an Italy-based web hosting provider. The attack involved a fake login and payment site, utilizing advanced techniques like CAPTCHA filtering and Telegram bot coordination to steal sensitive data. #ArubaS.p.A. #PhishingKits
Keypoints
- The phishing campaign specifically targets customers of Aruba S.p.A., a major IT service provider in Italy.
- The attackers used a sophisticated phishing kit that includes CAPTCHA bypass and pre-filled user data to increase success rates.
- Telegram bots played a central role in coordinating the operation and exfiltrating stolen information instantly.
- Victims received fake emails about service expiry or payment failures, leading them to fake login pages.
- The criminals also created fake payment pages to collect credit card details and one-time passwords for fraud.
Read More: https://therecord.media/phishing-campaign-targets-italian-web-hosting-customers