Phishing campaigns, some launched as recently as March, aimed at stealing credentials from Verizon mobile customers by spoofing the company’s support service.
Being mobile-focused and using an identifier for an official service from Verizon is what prompted researchers to categorize it as sophisticated above average.
The link delivering the phishing kit includes the abbreviation ‘ecrm,’ which Verizon uses as a sub-domain – ecrm.verizonwireless[.]com – for its Electronic Customer Relationship Management platform.
Source: BleepingComputer