Darktrace email finds: QuickBooks impersonation phishing attack | Darktrace Blog
Tags
country: Italy
maec-delivery-vectors: Watering Hole
attack-pattern: Data Model Models Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Impersonation - T1656 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 Vulnerabilities - T1588.006 Vulnerability Scanning - T1595.002
Show in Graph
Common Information
Type Value
UUID 31d247c2-8abd-4497-bdac-ee844e01cbc0
Fingerprint a78009132943deeb
Analysis status DONE
Considered CTI value 0
Text language
Published June 23, 2020, midnight
Added to db Aug. 13, 2023, 1:39 a.m.
Last updated Oct. 16, 2024, 2:03 a.m.
Headline Darktrace email finds: QuickBooks impersonation phishing attack
Title Darktrace email finds: QuickBooks impersonation phishing attack | Darktrace Blog
Detected Hints/Tags/Attributes 84/3/14
Source URLs
Redirection Url
Details Source https://darktrace.com/blog/darktrace-email-finds-quickbooks-impersonation-phishing-attack
URL Provider
Details Provider Source level domain
Details darktrace.com darktrace.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 101 https://de.darktrace.com/blog/rss.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 3 
notification.intuit.com
Details Domain 76 
ipfs.io
Details Domain 58 
image.thum.io
Details Domain 58 
logo.clearbit.com
Details Domain 58 
mku.ipfs.dweb.link
Details Domain 58 
filebase.com
Details Email 3 
quickbooks@notification.intuit.com
Details File 58 
ob.html
Details File 58 
atob.html
Details File 58 
cpmk.htm
Details Url 58 
https://ipfs.io/ipfs/qmfddxlwoliqfurx6duzcshxvbp1znm21h5jxgs1ffnxtp?filename=at
Details Url 58 
https://ipfs.io/ipfs/qmfddxlwoli
Details Url 58 
https://filebase.com/blog/ipfs-content-addressing-explained
Details Url 58 
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/the-attack-of-the-chameleon-phishing-page