Unearthing a phishing campaign against Calendly to steal user credentials

By Sreekar Madabushi - 2024-04-12
Introduction In this post, we’ll use Validin’s comprehensive DNS and endpoint responses to uncover a threat actor that uses Calendly phishing domains to steal user credentials.
Unearthing a phishing campaign against Calendly to steal user credentials
 
Unmasking Crypto Phishing Websites with Validin

Unmasking Crypto Phishing Websites with Validin

Introduction In this post, I’ll walk you through the discovery process of using Validin’s extensive domain and IP crawling data to find dozens of related crypto-themed phishing websites.
Finding “Lost iPhone” Smishing with Validin

Finding “Lost iPhone” Smishing with Validin

Introduction In this post, I’ll walk through another real-world example of smishing, this time from a LinkedIn post (also found on this blog) detailing a phone theft experience that nearly resulted in an additional account takeover via a likely targeted phishing campaign.
Unwrapping Package Tracking Phishing with Validin

Unwrapping Package Tracking Phishing with Validin

Introduction In this post, I’ll walk you through using Validin’s DNS history and enrichment capabilities to investigate a common smishing scam: text messages declaring that your package cannot be delivered due to incomplete address information.
Introducing Validin: The Ultimate Passive DNS Threat Hunting Platform

Introducing Validin: The Ultimate Passive DNS Threat Hunting Platform

At Validin, we seek to make it as easy as possible to search for accurate, timely, and complete passive DNS about public networks for threat hunting and attack surface management.
End of content
No more pages to load

Eliminate blind spots with comprehensive DNS history.