3 Messages on Hold: How an Authenticated Australian Domain Posed as a Security Center
ID: a8d7fee9-b301-53f1-98ff-06b871eca6cb
STIX ID: report--a8d7fee9-b301-53f1-98ff-06b871eca6cb
Feed Name: IRONSCALES
Threat Score
A phishing campaign delivered from an authenticated Australian domain impersonated a "Security Center" notification and weaponized urgency (subject, X-Priority:1, Importance:High) to prompt clicks that routed through a CRM redirect (crm.webguruz.in) to a credential-harvesting page; behavioral detection quarantined the message despite passing SPF/DKIM/DMARC, and the report provides IOCs and MITRE ATT&CK mappings.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.