News Summary:
On April 3, 2026, hackers were found increasingly exploiting trusted online platforms to launch sophisticated phishing campaigns targeting bank users in the Philippines. This method remains effective due to its scalability and ease of deployment, even with ongoing improvements in email security. Previously on March 31, cybersecurity researchers provided further details on "Phantom Stealer," a .NET-based infostealer. Sold as part of a commercial cybercrime toolkit under subscription tiers, this malware bundles a stealer, crypter, and remote access tool (RAT), and collects browser credentials, cookies, saved passwords, autofill data, and payment card information from infected systems. Earlier the same day, a study revealed a surge in fake shipment tracking scams throughout 2025 and early 2026 in the Middle East and Africa (MEA), targeting residents awaiting deliveries. Cybercriminals are exploiting courier delivery services using Sender ID spoofing and real-time keylogging to steal personal information, banking credentials, and OTPs, a trend driven by Phishing-as-a-Service (PhaaS) platforms.
Subscribe for full access to Group-IB's products in full detail 
