This case study details a phishing incident targeting an Global Payment Platform that resulted in compromised data being available and distributed on an internet forum.
Phishing is the main method that attackers use to acquire account credentials throughout the cybercrime ecosystem, though the value of such an attack is within the distribution of this stolen information. Information and data acquired through nefarious means is readily shared on the dark web.
Many other platforms can also host such content, such as paste sites, social platforms, internet forums, blogs and messaging Apps such as Telegram Groups. In this instance, the phishing attack resulted in confidential information released on an internet forum, where freedom of speech and sharing of information is less monitored than that of more prominent sites like social media and news platforms.