Cofense
From Fake Amazon Security Alert to HarborWatch Agent: ClickFix Delivery of a Custom Monitoring RAT
By: Dylan Main, Cofense Phishing Defense Center Threat actors do not always need to compromise a major company to weaponize its trust; they simply need to borrow its name. In the following campaign threat, cybercriminals utilize social engineering, lookalike domains, and fake verification tactics to turn a routine security alert into a ClickFix malware delivery with the goal of convincing recipients to unknowingly infect themselves. The Cofense Phishing Defense Center has identified an Amazon-th...