Pulse Detail-

Be Careful Who You Trust: Impersonation Emails Deliver Geodo Malware - PhishMe

概要

Over the past weeks, the Phishing Defence Centre has observed several reports that pretend to come from an internal sender. While this impersonation tactic is not new, we have only recently observed an influx in emails used to deliver the Geodo botnet malware. Figure 1 demonstrates an example of an email we have received. Emails in which the sender appears to be from someone you know and trust create some of the greatest threats to enterprise security. If they are familiar with the sender, victims are tricked into trusting a phishing email and are more likely to click on the link or open the attachment. Always verify the sender if things look suspicious. You should never click on links or open attachments from unknown senders. Remember: Things are not always as they seem.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

Google Docs Phishing Campaign (score: 0.63)
CoT Phishing Email 20171108 (score: 0.62)
Mr.Xpl0it (score: 0.62)
MALWARE POSING AS HUMAN RIGHTS ORGANIZATIONS AND COMMERCIAL SOFTWARE TARGETING IRANIANS AND FOREIGN POLICY INSTITUTIONS (score: 0.61)
" has sent you a document through Google Docs!" - Phishing E-mail (score: 0.61)

このPulseに関連する脅威アクター (事実ベース)

Scattered Spider

Score: 31.32

Matched TTPs:

T1564.008 - Email Hiding Rules
T1114 - Email Collection
T1598.003 - Spearphishing Link
T1598.004 - Spearphishing Voice
T1657 - Financial Theft
T1204 - User Execution
T1656 - Impersonation
T1598 - Phishing for Information
T1136 - Create Account

MITREへのリンク →

FIN4

Score: 7.81

Matched TTPs:

T1564.008 - Email Hiding Rules
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link

MITREへのリンク →

Ember Bear

Score: 13.59

Matched TTPs:

T1491.002 - External Defacement
T1114 - Email Collection
T1571 - Non-Standard Port
T1585 - Establish Accounts

MITREへのリンク →

Sandworm Team

Score: 18.58

Matched TTPs:

T1491.002 - External Defacement
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1585.002 - Email Accounts
T1584.005 - Botnet
T1571 - Non-Standard Port
T1204.001 - Malicious Link

MITREへのリンク →

Mustard Tempest

Score: 7.34

Matched TTPs:

T1583.008 - Malvertising
T1566.002 - Spearphishing Link
T1204.001 - Malicious Link

MITREへのリンク →

Silent Librarian

Score: 12.21

Matched TTPs:

T1114 - Email Collection
T1598.003 - Spearphishing Link
T1585.002 - Email Accounts
T1608.005 - Link Target

MITREへのリンク →

Magic Hound

Score: 20.77

Matched TTPs:

T1114 - Email Collection
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1586.002 - Email Accounts
T1585.002 - Email Accounts
T1583.006 - Web Services
T1571 - Non-Standard Port
T1204.001 - Malicious Link
T1566.003 - Spearphishing via Service

MITREへのリンク →

menuPass

Score: 4.72

Matched TTPs:

T1568.001 - Fast Flux DNS
T1566.001 - Spearphishing Attachment

MITREへのリンク →

TA505

Score: 7.53

Matched TTPs:

T1568.001 - Fast Flux DNS
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link

MITREへのリンク →

Gamaredon Group

Score: 22.49

Matched TTPs:

T1568.001 - Fast Flux DNS
T1566.001 - Spearphishing Attachment
T1480 - Execution Guardrails
T1583.006 - Web Services
T1534 - Internal Spearphishing
T1001 - Data Obfuscation
T1571 - Non-Standard Port
T1204.001 - Malicious Link

MITREへのリンク →

BlackTech

Score: 3.68

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link

MITREへのリンク →

MuddyWater

Score: 5.69

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1583.006 - Web Services
T1204.001 - Malicious Link

MITREへのリンク →

LuminousMoth

Score: 6.65

Matched TTPs:

T1566.002 - Spearphishing Link
T1608.005 - Link Target
T1204.001 - Malicious Link

MITREへのリンク →

Confucius

Score: 5.69

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1583.006 - Web Services
T1204.001 - Malicious Link

MITREへのリンク →

Mofang

Score: 3.68

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link

MITREへのリンク →

Kimsuky

Score: 32.45

Matched TTPs:

T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1585.002 - Email Accounts
T1657 - Financial Theft
T1583.006 - Web Services
T1534 - Internal Spearphishing
T1566 - Phishing
T1656 - Impersonation
T1598 - Phishing for Information
T1585 - Establish Accounts
T1204.001 - Malicious Link

MITREへのリンク →

Sidewinder

Score: 9.76

Matched TTPs:

T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1598.002 - Spearphishing Attachment
T1204.001 - Malicious Link

MITREへのリンク →

Elderwood

Score: 3.68

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link

MITREへのリンク →

Machete

Score: 3.68

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link

MITREへのリンク →

FIN7

Score: 11.94

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1608.005 - Link Target
T1583.006 - Web Services
T1571 - Non-Standard Port
T1204.001 - Malicious Link

MITREへのリンク →

Transparent Tribe

Score: 3.68

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link

MITREへのリンク →

Mustang Panda

Score: 17.24

Matched TTPs:

T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1585.002 - Email Accounts
T1583.006 - Web Services
T1027.007 - Dynamic API Resolution
T1204.001 - Malicious Link

MITREへのリンク →

FIN8

Score: 6.43

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1573.002 - Asymmetric Cryptography
T1204.001 - Malicious Link

MITREへのリンク →

APT32

Score: 10.55

Matched TTPs:

T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1583.006 - Web Services
T1571 - Non-Standard Port
T1204.001 - Malicious Link

MITREへのリンク →

APT1

Score: 4.61

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1585.002 - Email Accounts

MITREへのリンク →

Lazarus Group

Score: 18.60

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1585.002 - Email Accounts
T1583.006 - Web Services
T1571 - Non-Standard Port
T1027.007 - Dynamic API Resolution
T1566.003 - Spearphishing via Service
T1090.001 - Internal Proxy

MITREへのリンク →

Leviathan

Score: 12.26

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1585.002 - Email Accounts
T1534 - Internal Spearphishing
T1204.001 - Malicious Link

MITREへのリンク →

APT33

Score: 6.08

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1571 - Non-Standard Port
T1204.001 - Malicious Link

MITREへのリンク →

ZIRCONIUM

Score: 10.72

Matched TTPs:

T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1583.006 - Web Services
T1598 - Phishing for Information
T1204.001 - Malicious Link

MITREへのリンク →

EXOTIC LILY

Score: 8.49

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1585.002 - Email Accounts
T1204.001 - Malicious Link
T1566.003 - Spearphishing via Service

MITREへのリンク →

Molerats

Score: 3.68

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link

MITREへのリンク →

OilRig

Score: 11.62

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1573.002 - Asymmetric Cryptography
T1204.001 - Malicious Link
T1566.003 - Spearphishing via Service

MITREへのリンク →

Windshift

Score: 6.20

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link
T1566.003 - Spearphishing via Service

MITREへのリンク →

Cobalt Group

Score: 6.43

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1573.002 - Asymmetric Cryptography
T1204.001 - Malicious Link

MITREへのリンク →

APT29

Score: 10.88

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1583.006 - Web Services
T1204.001 - Malicious Link
T1566.003 - Spearphishing via Service

MITREへのリンク →

TA2541

Score: 8.44

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1583.006 - Web Services
T1573.002 - Asymmetric Cryptography
T1204.001 - Malicious Link

MITREへのリンク →

Earth Lusca

Score: 8.44

Matched TTPs:

T1566.002 - Spearphishing Link
T1583.006 - Web Services
T1584.006 - Web Services
T1204.001 - Malicious Link

MITREへのリンク →

RedCurl

Score: 6.43

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1573.002 - Asymmetric Cryptography
T1204.001 - Malicious Link

MITREへのリンク →

Storm-1811

Score: 16.08

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.004 - Spearphishing Voice
T1667 - Email Bombing
T1656 - Impersonation
T1566.003 - Spearphishing via Service

MITREへのリンク →

Turla

Score: 11.37

Matched TTPs:

T1566.002 - Spearphishing Link
T1583.006 - Web Services
T1584.006 - Web Services
T1204.001 - Malicious Link
T1090.001 - Internal Proxy

MITREへのリンク →

Wizard Spider

Score: 5.97

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1585.002 - Email Accounts
T1204.001 - Malicious Link

MITREへのリンク →

TA577

Score: 5.47

Matched TTPs:

T1566.002 - Spearphishing Link
T1586.002 - Email Accounts
T1204.001 - Malicious Link

MITREへのリンク →

Patchwork

Score: 6.14

Matched TTPs:

T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link

MITREへのリンク →

LazyScripter

Score: 5.69

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1583.006 - Web Services
T1204.001 - Malicious Link

MITREへのリンク →

APT42

Score: 9.51

Matched TTPs:

T1566.002 - Spearphishing Link
T1585.002 - Email Accounts
T1573.002 - Asymmetric Cryptography
T1656 - Impersonation

MITREへのリンク →

APT39

Score: 6.61

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1204.001 - Malicious Link
T1090.001 - Internal Proxy

MITREへのリンク →

APT28

Score: 21.48

Matched TTPs:

T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1583.006 - Web Services
T1598 - Phishing for Information
T1137.002 - Office Test
T1204.001 - Malicious Link
T1211 - Exploitation for Defense Evasion

MITREへのリンク →

Star Blizzard

Score: 11.91

Matched TTPs:

T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1585.002 - Email Accounts
T1598.002 - Spearphishing Attachment

MITREへのリンク →

Moonstone Sleet

Score: 11.58

Matched TTPs:

T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1585.002 - Email Accounts
T1598 - Phishing for Information
T1566.003 - Spearphishing via Service

MITREへのリンク →

CURIUM

Score: 11.76

Matched TTPs:

T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1585.002 - Email Accounts
T1584.006 - Web Services
T1566.003 - Spearphishing via Service

MITREへのリンク →

Dragonfly

Score: 6.95

Matched TTPs:

T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1598.002 - Spearphishing Attachment

MITREへのリンク →

Saint Bear

Score: 7.28

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1583.006 - Web Services
T1656 - Impersonation
T1204.001 - Malicious Link

MITREへのリンク →

Tropic Trooper

Score: 3.62

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

FIN6

Score: 6.14

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1573.002 - Asymmetric Cryptography
T1566.003 - Spearphishing via Service

MITREへのリンク →

WIRTE

Score: 3.27

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1571 - Non-Standard Port

MITREへのリンク →

Ajax Security Team

Score: 3.40

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1566.003 - Spearphishing via Service

MITREへのリンク →

APT41

Score: 3.91

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1656 - Impersonation

MITREへのリンク →

Winter Vivern

Score: 5.86

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1584.006 - Web Services
T1204.001 - Malicious Link

MITREへのリンク →

Higaisa

Score: 3.80

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1090.001 - Internal Proxy

MITREへのリンク →

Malteiro

Score: 3.40

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1657 - Financial Theft

MITREへのリンク →

SideCopy

Score: 4.50

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1598.002 - Spearphishing Attachment

MITREへのリンク →

Silence

Score: 3.27

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1571 - Non-Standard Port

MITREへのリンク →

IndigoZebra

Score: 5.55

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1583.006 - Web Services

MITREへのリンク →

PLATINUM

Score: 5.41

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1056.004 - Credential API Hooking

MITREへのリンク →

APT-C-36

Score: 3.27

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1571 - Non-Standard Port

MITREへのリンク →

HEXANE

Score: 8.57

Matched TTPs:

T1586.002 - Email Accounts
T1585.002 - Email Accounts
T1534 - Internal Spearphishing

MITREへのリンク →

LAPSUS$

Score: 13.97

Matched TTPs:

T1586.002 - Email Accounts
T1598.004 - Spearphishing Voice
T1204 - User Execution
T1656 - Impersonation

MITREへのリンク →

Medusa Group

Score: 9.57

Matched TTPs:

T1585.002 - Email Accounts
T1657 - Financial Theft
T1583.006 - Web Services
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

Indrik Spider

Score: 6.13

Matched TTPs:

T1585.002 - Email Accounts
T1136 - Create Account

MITREへのリンク →

Contagious Interview

Score: 23.42

Matched TTPs:

T1585.002 - Email Accounts
T1657 - Financial Theft
T1480 - Execution Guardrails
T1583.006 - Web Services
T1571 - Non-Standard Port
T1656 - Impersonation
T1585 - Establish Accounts
T1204.001 - Malicious Link
T1566.003 - Spearphishing via Service

MITREへのリンク →

HAFNIUM

Score: 5.63

Matched TTPs:

T1584.005 - Botnet
T1583.006 - Web Services

MITREへのリンク →

Axiom

Score: 15.98

Matched TTPs:

T1584.005 - Botnet
T1566 - Phishing
T1553 - Subvert Trust Controls
T1001.002 - Steganography

MITREへのリンク →

Volt Typhoon

Score: 6.55

Matched TTPs:

T1584.005 - Botnet
T1090.001 - Internal Proxy

MITREへのリンク →

INC Ransom

Score: 5.81

Matched TTPs:

T1657 - Financial Theft
T1566 - Phishing

MITREへのリンク →

FIN13

Score: 5.45

Matched TTPs:

T1657 - Financial Theft
T1090.001 - Internal Proxy

MITREへのリンク →

AppleJeus

Score: 5.81

Matched TTPs:

T1657 - Financial Theft
T1566 - Phishing

MITREへのリンク →

BlackByte

Score: 3.84

Matched TTPs:

T1480 - Execution Guardrails

MITREへのリンク →

PROMETHIUM

Score: 4.13

Matched TTPs:

T1205.001 - Port Knocking

MITREへのリンク →

UNC3886

Score: 4.13

Matched TTPs:

T1205.001 - Port Knocking

MITREへのリンク →

APT17

Score: 5.45

Matched TTPs:

T1583.006 - Web Services
T1585 - Establish Accounts

MITREへのリンク →

TA578

Score: 3.37

Matched TTPs:

T1583.006 - Web Services
T1204.001 - Malicious Link

MITREへのリンク →

Sea Turtle

Score: 3.29

Matched TTPs:

T1566 - Phishing

MITREへのリンク →

GOLD SOUTHFIELD

Score: 3.29

Matched TTPs:

T1566 - Phishing

MITREへのリンク →

RedEcho

Score: 5.14

Matched TTPs:

T1571 - Non-Standard Port
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

Velvet Ant

Score: 12.21

Matched TTPs:

T1571 - Non-Standard Port
T1573.002 - Asymmetric Cryptography
T1090.001 - Internal Proxy
T1211 - Exploitation for Defense Evasion

MITREへのリンク →

Fox Kitten

Score: 3.44

Matched TTPs:

T1585 - Establish Accounts

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Strider

Score: 7.06

Matched TTPs:

T1564.005 - Hidden File System
T1090.001 - Internal Proxy

MITREへのリンク →

Salt Typhoon

Score: 3.84

Matched TTPs:

T1136 - Create Account

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.80

Matched TTPs:

T1566 - Phishing
T1586.002 - Email Accounts
T1566.001 - Spearphishing Attachment
T1598.003 - Spearphishing Link
T1585 - Establish Accounts
T1204.001 - Malicious Link
T1566.002 - Spearphishing Link
T1657 - Financial Theft
T1583.006 - Web Services
T1656 - Impersonation
T1585.002 - Email Accounts
T1598 - Phishing for Information
T1534 - Internal Spearphishing

MITREへのリンク →

Scattered Spider

Score: 0.77

Matched TTPs:

T1564.008 - Email Hiding Rules
T1598.003 - Spearphishing Link
T1204 - User Execution
T1657 - Financial Theft
T1656 - Impersonation
T1136 - Create Account
T1598.004 - Spearphishing Voice
T1114 - Email Collection
T1598 - Phishing for Information

MITREへのリンク →

Contagious Interview

Score: 0.60

Matched TTPs:

T1585 - Establish Accounts
T1571 - Non-Standard Port
T1566.003 - Spearphishing via Service
T1204.001 - Malicious Link
T1657 - Financial Theft
T1583.006 - Web Services
T1480 - Execution Guardrails
T1656 - Impersonation
T1585.002 - Email Accounts

MITREへのリンク →

Gamaredon Group

Score: 0.58

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1571 - Non-Standard Port
T1204.001 - Malicious Link
T1583.006 - Web Services
T1480 - Execution Guardrails
T1568.001 - Fast Flux DNS
T1001 - Data Obfuscation
T1534 - Internal Spearphishing

MITREへのリンク →

APT28

Score: 0.57

Matched TTPs:

T1586.002 - Email Accounts
T1566.001 - Spearphishing Attachment
T1598.003 - Spearphishing Link
T1211 - Exploitation for Defense Evasion
T1204.001 - Malicious Link
T1137.002 - Office Test
T1583.006 - Web Services
T1598 - Phishing for Information

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る

Be Careful Who You Trust: Impersonation Emails Deliver Geodo Malware - PhishMe

概要

Indicators

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

Pulse – 脅威アクター グラフ

Pulse – 脅威アクターグラフ