BleepingComputer reports that more than 100 widely known clothing and footwear brands, including Tommy Hilfiger, Guess, Columbia, Adidas, and Nike, have been spoofed in an ongoing brand impersonation phishing campaign since June 2022 aimed at exfiltrating user credentials and financial details.
At least 3,000 domains attributed to Autonomous System number AS48950 and registered via Alibaba Singapore, as well as nearly 6,000 sites have been used as part of the campaign, with the number of fake sites significantly increasing from January to February, a report from Bolster showed.
Researchers also found that many domains leveraged by attackers have been aged from 90 days to two years and have gained traction in Google Search results. Further examination of the spoofed pages revealed extensive work by threat actors to make the malicious sites believable to their potential victims, with highly detailed "About Us" or order pages, according to BleepingComputer.
Uncertainties remain regarding the exit scam strategy of the campaign.