More than 615,000 users in different countries, including Egypt, the Philippines, Pakistan and Nepal, were targeted by the initiative. Phishing sites that impersonate real businesses are the landing pages. Once the victims have given the passwords, via a Firestore database and a domain hosted on GoDaddy, they will be forwarded to the perpetrators. The campaign seems to be well coordinated, threatening actors using localised Facebook posts and accounts that resemble legitimate organisations and individual countries’ target advertising....