The Threat Actors Behind The Questrade And Wealthsimple Phishing Campaign Are Now Going After TD Customers
I have been tracking a threat actor who has used first Questrade and then Wealthsimple as part of a large scale phishing campaign that is being carried out via email. Well, my honeypot, which is a computer that I have set up to capture emails and be a target for hackers so that I can gather intel on what the bad guys are up to, have caught a new twist in this campaign. This time the threat actors are using TD bank to perpetrate their scam. This popped up in my honeypot a few minutes ago:
Now I won’t go down the rabbit hole on how the campaign works as I have done this in the first part my research. But I will note that these threat actors are getting sloppy. The quality of this email is not as good as the other ones which makes me wonder how effective this will be. Having said that, the fact that these threat actors are still trying and are shifting tactics implies that they must be having some level of success. Your task is to make sure that you’re not part of whatever success they are having. Thus this is another email that you should instantly delete if you get it.
This entry was posted on November 3, 2025 at 12:24 pm and is filed under Commentary with tags Scams. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
The Threat Actors Behind The Questrade And Wealthsimple Phishing Campaign Are Now Going After TD Customers
I have been tracking a threat actor who has used first Questrade and then Wealthsimple as part of a large scale phishing campaign that is being carried out via email. Well, my honeypot, which is a computer that I have set up to capture emails and be a target for hackers so that I can gather intel on what the bad guys are up to, have caught a new twist in this campaign. This time the threat actors are using TD bank to perpetrate their scam. This popped up in my honeypot a few minutes ago:
Now I won’t go down the rabbit hole on how the campaign works as I have done this in the first part my research. But I will note that these threat actors are getting sloppy. The quality of this email is not as good as the other ones which makes me wonder how effective this will be. Having said that, the fact that these threat actors are still trying and are shifting tactics implies that they must be having some level of success. Your task is to make sure that you’re not part of whatever success they are having. Thus this is another email that you should instantly delete if you get it.
Share this:
Like this:
Related
This entry was posted on November 3, 2025 at 12:24 pm and is filed under Commentary with tags Scams. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.