This resource is no longer available
Beginning in January 2021, several INKY users began receiving emails with fake RFPs. These supposed RFPs came from recipients’ legitimate contacts that had been compromised by bad actors.
In this case, phishers were staging their forays from Adobe Spark, a cloud-based design application. Unknowingly, Adobe had been facilitating this campaign for months.
Even today, customized documents with malicious links are being hosted on Adobe Spark, and each instance remains active until Adobe receives an abuse report (like the one below) and takes it down.
Read this case study to learn how the attackers carried this out and explore best practices for phishing prevention.