Threats Tagged 'emailjs exfiltration'
View all threats tagged with 'emailjs exfiltration'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'emailjs exfiltration'
Click on any threat for detailed analysis and mitigation recommendations
Inside a Fake DHL Campaign Built to Steal Credentials 0 A consumer-targeted credential theft operation uses DHL brand impersonation combined with a fake OTP verification mechanism to harvest passwords from victims. The attack employs an 11-step chain beginning with spoofed shipment notification emails, leading victims through a client-side generated OTP page that creates false trust, then directing them to a DHL-branded credential harvesting portal. The kit captures passwords alongside victim telemetry including IP address, device details, browser fingerprinting, and geolocation data. Exfiltration occurs through EmailJS, a legitimate client-side email service, sending stolen credentials to an attacker-controlled Tutamail address. The campaign concludes by redirecting victims to the legitimate DHL website to avoid suspicion, demonstrating how familiar workflows and brand trust can be weaponized without technical sophistication. Join the discussion | AlienVault OTX General | 04/28/2026, 20:56:53 UTC Added: 04/29/2026, 07:06:22 UTC |
Showing 1 to 1 of 1 result