![Apple's M5 iPad Pro Enters Advanced Testing for 2025 Launch [Gurman]](https://www.iclarified.com/images/news/96865/96865/96865-640.jpg)
![M5 MacBook Pro Set for Late 2025, Major Redesign Waits Until 2026 [Gurman]](https://www.iclarified.com/images/news/96868/96868/96868-640.jpg)
![Apple to Revamp Health App with AI-Powered Doctor [Gurman]](https://www.iclarified.com/images/news/96870/96870/96870-640.jpg)
![What Google Messages features are rolling out [March 2025]](https://i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2023/12/google-messages-name-cover.png?resize=1200%2C628&quality=82&strip=all&ssl=1)
![[The AI Show Episode 141]: Road to AGI (and Beyond) #1 — The AI Timeline is Accelerating](https://www.marketingaiinstitute.com/hubfs/ep%20141.1.png)
![[The AI Show Episode 140]: New AGI Warnings, OpenAI Suggests Government Policy, Sam Altman Teases Creative Writing Model, Claude Web Search & Apple’s AI Woes](https://www.marketingaiinstitute.com/hubfs/ep%20140%20cover.png)
![[The AI Show Episode 139]: The Government Knows AGI Is Coming, Superintelligence Strategy, OpenAI’s $20,000 Per Month Agents & Top 100 Gen AI Apps](https://www.marketingaiinstitute.com/hubfs/ep%20139%20cover-2.png)
![Charging clients to use an open source software and proprietary modules [closed]](https://cdn.sstatic.net/Sites/softwareengineering/Img/apple-touch-icon@2.png?v=1ef7363febba)
![From broke musician to working dev. How college drop-out Ryan Furrer taught himself to code [Podcast #166]](https://cdn.hashnode.com/res/hashnode/image/upload/v1743189826063/2080cde4-6fc0-46fb-b98d-b3d59841e8c4.png?#)
![[FREE EBOOKS] The Ultimate Linux Shell Scripting Guide, Artificial Intelligence for Cybersecurity & Four More Best Selling Titles](https://www.javacodegeeks.com/wp-content/uploads/2012/12/jcg-logo.jpg){kind=logo}
.png?#)
This new phishing campaign can tailor its messages to target you with your favorite businesses
Security researchers from Infoblox found a new phishing kit called Morphing Meerkat.
- Morphing Meerkat phishing kit can spoof more than 100 different brands
- It's been used to send "thousands" of emails, experts warn
- Defenses includes adding a strong layer of DNS security
Cybercriminals have created a new technique to serve phishing emails to business users which are almost indistinguishable from legitimate messages.
Cybersecurity researchers Infoblox spotted the Phishing-as-a-Service (PhaaS) kit, built by a threat actor dubbed Morphing Meerkat, which deploys DNS Mail exchange (MX) records, dynamically serving fake login pages.
The technique allows them to spoof more than 100 different brands, making it quite a potent offering for cybercriminals.
Monitor your credit score with TransUnion starting at $29.95/month
TransUnion is a credit monitoring service that helps you stay on top of your financial health. With real-time alerts, credit score tracking, and identity theft protection, it ensures you never miss important changes. You'll benefit from a customizable online interface with clear insights into your credit profile. Businesses also benefit from TransUnion’s advanced risk assessment tools.
Preferred partner (What does this mean?)View Deal
Open redirects
“Morphing Meerkat’s PhaaS platform and phishing kits are unique compared to others because they dynamically serve phishing login webpages based on the DNS MX record of each victim’s email domain,” the researchers explained, saying that it lets the attackers display web content “strongly related” to the victim’s email service provider.
“The overall phishing experience feels natural because the design of the landing page is consistent with the spam email’s message,” they added.
Morphing Meerkat hasn’t exactly drawn much attention to itself yet, which might sound rather surprising given the fact that it sent “thousands” of spam emails from servers mostly located in the UK and the United States.
However, the researchers said the operation is “difficult” to detect at scale, since the attackers know where security blind spots are, and have been exploiting them via open redirects on adtech, DoH communication, and popular file-sharing services.
To protect themselves, organizations should add a strong layer of DNS security to their systems, Infoblox concludes, which includes tightening DNS controls and not allowing users to communicate with DoH servers.
“If companies can reduce the number of unimportant services in their network, they can reduce their attack surface, giving few options to cybercriminals for threat delivery,” Infoblox concluded.
You might also like
- Massive online data breach sees 2.7 billion records leaked - here's what we know
- We've rounded up the best password managers
- Take a look at our guide to the best authenticator app
