logo

Legal Threat in Your Inbox: How a Gmail Shortlink Hides a Credential-Harvest Destination

ID: 268f8114-a2b9-58d9-b2fc-a588dc172bc9

STIX ID: report--268f8114-a2b9-58d9-b2fc-a588dc172bc9

Feed Name: IRONSCALES

Threat Score
70/100

Date Published: 2026-06-28

Date Updated: 2026-07-02

Author: [email protected] (Audian Paxson)

...
...

An IRONSCALES analysis documents a high-risk credential-harvesting phishing campaign: an anonymized Gmail sender sent a mass-BCC legal-threat lure containing a short.gy link that redirects to a privacy-protected malicious domain (chongdaotang.net) rated malicious, with authentication (SPF/DKIM/DMARC) passing and IRONSCALES flagging the message at 90% confidence; defenders are advised to resolve shortened URLs to their final destinations and verify unexpected legal contacts before clicking.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.