Nespresso Domain Serves Up Steamy Cup of Phish, No Cream or Sugar
April 22, 2024 at 03:44PM A phishing campaign targeted Nespresso’s website, exploiting a bug and evading detection by adding malicious links. It starts with a deceptive Bank of America email, tricking targets into a compromised Nespresso URL. The attackers utilize an open redirect vulnerability, bypassing security tools. The campaign consistently uses infected Nespresso URLs and … Read more