Check Point warns of a major phishing campaign being launched using fake Gmail accounts.

Check Point Research has discovered a phishing campaign using fake Gmail accounts targeting users worldwide. The hackers want to steal data from their victims with an updated version of the Rhadamanthys Stealer. They try to convince them to click by sending emails that appear to be from well-known companies. For example, Check Point itself is imitated by criminals.

Copyright Violations

As part of this campaign, victims receive emails that appear to be from legitimate companies accusing them of copyright infringement on social media platforms such as Facebook. Cybercriminals use fake Gmail accounts to send messages that target the victim’s language and location to increase the credibility of the threat.

The campaign focuses on various sectors and countries, including the United States and Europe. Check Point reports that most copycats target entertainment and media, technology and software companies. The attack method used by Check Point CopyRh(ight)adamantys campaign mentioned appears to be aimed primarily at financial gain and does not appear to be tied to any state.

Big impact

Check Point points out the major consequences of phishing campaigns. According to a recent study by Febelfin, in 2023 alone, 40 million euros were stolen from Belgian consumers through phishing attacks imitating financial institutions.

The potential prey for attackers is also greater than ever. In the context of hybrid working, the separation between professional systems and private IT environments is not always sufficient. Anyone who convinces an employee to install malware via private message can gain access to company data.