Akamai Diversity

Akamai Security Intelligence
& Threat Research

Recently by Or Katz

Or Katz

Or Katz

November 20, 2019 9:00 AM

Out of Season IRS Phishing Campaigns

Over the past two months, Akamai's threat research team has been closely monitoring a phishing campaign that impersonates the official Internal Revenue Service (IRS) website, and is requesting sensitive information, email addresses, and passwords.

Or Katz

Or Katz

August 5, 2019 6:16 AM

Summer Phishing Scams Targeting Vacation Hotspots

As phishing websites become more advanced, by using rich functionality and customized workflows, evidence indicates that web analytics plugins are being commonly used in phishing kits. This enables threat actors to have stronger visibility into victim profiles and their behavior once they have landed on the scam website. This, in turn, can lead to future optimizations of the phishing kit and scam's distribution.

Or Katz

Or Katz

June 18, 2019 8:00 AM

Analytics - Tracking a Phishing Campaign

Earlier this year, Akamai discovered a publicly available plug-in that is being used to collect analytics and various stats on a number of phishing campaigns. Using our own data, we were able to correlate the analytics and view the IP addresses of the victims, since the phishing campaigns were directing victims to one of our customers.

Or Katz

Or Katz

June 12, 2019 6:00 PM

Catch Me If You Can: Evasive and Defensive Technique ...

Phishing is a multifaceted type of attack, aimed at collecting usernames and passwords, personal information, or sometimes both. Yet, these attacks only work so long as the phishing kit itself remains hidden. Phishing is a numbers game and time is a factor. The longer a phishing kit can remain active and undetected, the longer the scam can run. The longer the scam runs, the number of victims only increases.

Or Katz

Or Katz

June 12, 2019 6:00 PM

Phishing Factories and Economies

Every day Akamai sees thousands of new phishing pages. Over the last few months one kit, and the pattern it represents, has stood out to our researchers. In today's post, we're going to explore this kit, how it came to be, and what its existence means to the public. Since December, Akamai has tracked the development and deployment of different phishing kits. Some of them are using an almost factory-like

Or Katz

Or Katz

May 24, 2019 8:00 AM

Disturbingly Easy Phishing Attack Development

While speaking to a colleague of mine regarding recent work on Akamai's Enterprise Threat Protector (ETP) Research Team, related to phishing detection and mitigation, we discussed a recent phishing campaign targeting Microsoft users that leveraged free HTML hosting services and how easy it has become to build and deliver phishing website.

Or Katz

Or Katz

December 14, 2018 8:00 AM

Quiz Phishing: One Scam, 78 Variations

Overview Over the past year, Akamai Enterprise Threat Research team monitored the usage of one particular phishing toolkit in the wild. We previously wrote about this phishing toolkit as "Three Questions Quiz". The "Quiz" toolkit is not new to the threat landscape, as its been used in many phishing campaigns in recent years. Our goal here is to present new insights on the evolution and scale of usage of the

Or Katz

Or Katz

January 19, 2018 1:33 AM

Gone Phishing For The Holidays

Written by Or Katz and Amiram Cohen Overview: While our team, Akamai's Enterprise Threat Protector Security Research Team, monitored internet traffic throughout the 2017 holiday season, we spotted a wide-spread phishing campaign targeting users through an advertising tactic. During the six week timeframe, we tracked thirty different domains with the same prefix: "holidaybonus{.}com". Each one advertised the opportunity to win an expensive technology prize - a free iPhone 8, PlayStation

Or Katz

Or Katz

October 19, 2017 4:00 PM

Fast Flux Botnet: Research Results

Just like that, another Akamai Edge has come and gone. If you were able to join us this year, I hope you had a chance to stop by my presentation on Threat Intelligence Insights: An In-Depth Analysis of a Fast Flux Botnet.