TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

Infosecurity Magazine

Researchers Warn of Global Surge in Fake Shipment Tracking Scams

2026-03-16 · Read original ↗

ATT&CK techniques detected

4 predictions
T1566.002Spearphishing Link
90%
"about ongoing phishing attempts abusing their brands - strengthen official domains using strong authentication and domain security protocols such as dmarc, skim and spf to reduce emails sent under the company name - employ a brand protection service that can actively track fake d…"
T1566.002Spearphishing Link
86%
"been definitively linked to these schemes, the group - ib researchers observed that many of the phishing sites share infrastructure and characteristics commonly associated with darcula. darcula phishkit is a chinese - language phaas platform that emerged in 2023 and has been used…"
T1566.002Spearphishing Link
82%
". ] top ) they also abuse trusted extensions like. com through lookalike variations designed to mimic real brands. a typical fake shipment tracking scam campaign starts with an attacker setting up a phishing domain and a fake website. next, they typically use one of the following…"
T1598.003Spearphishing Link
43%
". ] top ) they also abuse trusted extensions like. com through lookalike variations designed to mimic real brands. a typical fake shipment tracking scam campaign starts with an attacker setting up a phishing domain and a fake website. next, they typically use one of the following…"

Summary

Some of these campaigns are linked to Darcula, a Chinese-language phishing-as-a-service platform