The Cofense Phishing Defense Center (PDC) has detected a recent phishing campaign that imitates legitimate WeTransfer applications by setting up fake websites that appear genuine. This enables threat actors to bypass email security gateways (SEG) to lure users into sharing their credentials.
WeTransfer is a file hosting site that allows users easy access to share files. With the popularity of the service, it’s likely users would overlook the threat level within the email. Threat actors have reimaged this site to entice unsuspecting recipients to click on a malicious link that redirects them to the phishing page, resulting in users handing over their credentials.
