On the heels of the Senate confirming Ketanji Brown Jackson for the upcoming Supreme Court vacancy, INKY cybersecurity engineers detected a relevant phishing attack – a new variant on an existing phishing campaign using tactics similar to the Calendly hack that INKY’s researchers recently discovered.
Today INKY published research analyzing the novel phishing attack impersonating the Supreme Court with fraudulent emails that included a Notice of Summons threatening arrest if the recipient didn’t appear in court exploiting vulnerable and susceptible victims to click on a malicious link. Examination of the code revealed similarities down to the level of variable names, implying that the perpetrators were using the same phish kit and were the same threat actor group that launched the Calendly attack.
You can take a look at the forensic analysis of this new phishing campaign here: https://www.inky.com/en/blog/fresh-phish-supreme-court-lure-follows-phishing-precedent.