Sep 2025: AI-DRIVEN LEAD GENERATION LURES
Threat Alert: AI-DRIVEN LEAD GENERATION LURES
- In this threat, users are enticed by the possibility of lucrative, AI-powered lead generation opportunities to expand business prospects.
- Threat actors distributed email messages with fraudulent offers for recipients intending to expand or take advantage of new business opportunities.
- These attacks attempt to capitalize on the increasingly popular topic of AI to entice users into downloading malicious payloads onto their devices.
How is it used in the wild?
- Using fake email accounts associated with fictitious businesses, threat actors distributed email messages with fraudulent offers to use AI-driven lead generation systems.
- If users opened the URLs within the message body, they were directed to an actor-controlled landing page. To successfully pass a CAPTCHA challenge, users were prompted to copy, paste, and execute malicious commands provided via the ClickFix technique.
- Payloads such as Rhadamanthys, DOILoader, or DeerStealer would then enable threat actors to gather information about the victim environment, such as login credentials, browser history, and cryptocurrency wallets.
Key Action: Stay Alert!
- Avoid interacting with web advertising.
- Never install software from an unknown source.
- Avoid interacting with links or attachments in unsolicited email.
- Report ANY suspicious emails via Phish Alarm.