Find out how this attack was designed to bypass domain-based inspection, and combined brand impersonation with the use of a real Ticketmaster URL to trick victims. On click, a 302 redirect sent victims to a phishing website. Sold as part of a phishing kit by crime-as-a-service gang Caffeine, this attack is available to purchase online.

121%
increase in using legitimate URLs as carriers for malicious payloads
71%
of malicious payloads were HTML smuggling attacks
151%
increase in attacks sent from compromised accounts


Analysis of phishing attack created by crime-as-a-service gang Caffeine


Spike in phishing emails sent from compromised accounts
Understand how compromised legitimate accounts are being used by cybercriminals, with analysis of the types of payload being delivered and insight into the use of HTML smuggling to obfuscate malware. Additionally see how a business email compromise (BEC) attack plays out by leveraging social engineering tactics.

Whaling in 2023
Get insight into the ways cybercriminals target C-suite executives, including analysis of the payloads sent to the three most targeted job titles. Plus, find out why Monday is the most popular day of the week to send phishing emails to senior executives.


As cybercriminals continue to evolve their attack techniques, we are publishing this report to highlight emerging attack methodologies and trends.
Jack Chapman, VP of Threat Intelligence, Egress

Download your free report
