Summary
Key Points:
- A series of sophisticated phishing campaigns have been identified, where attackers impersonate Palo Alto Networks talent acquisition staff to target senior professionals.
- The impact includes potential financial loss and identity theft for victims who may pay for fraudulent resume services. Affected systems include email platforms and LinkedIn profiles.
- Recommended actions include verifying sender domains, avoiding payment requests during recruitment, and reporting suspicious communications.
Technical Details: The attacks leverage social engineering tactics, using scraped LinkedIn data to craft personalized phishing emails that create a false sense of urgency regarding resume formatting.
MITRE ATT&CK Techniques:
- T1566.001 - Phishing: Spearphishing Attachment (Initial Access)
IOCs Mentioned:
- Emails: paloaltonetworks@gmail[.]com, recruiter.paloalnetworks@gmail[.]com, phillipwalters006@gmail[.]com, posunrayi994@gmail[.]com
- Handles: pelmaxx, pellmax, pelll_max
- Phone numbers: +2349131397140 (Nigeria), +972 541234567 (Fake Placeholder)
Join the discussion — sign up to comment, upvote, and save articles.