A new phishing campaign codenamed ‘Ducktail’ is underway, targeting professionals on LinkedIn to take over Facebook business accounts that manage advertising for the company.
The operators of Ducktail have a narrow targeting scope and select their victims carefully, trying to find people who have admin privileges on their employer’s social media accounts.
The discovery of this campaign comes from researchers at WithSecure, who have been tracking what they believe to be a Vietnamese threat actor since 2021, and collected evidence of activity dating going back to 2018.
Comments are closed.