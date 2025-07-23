DUBAI, DUBAI, UNITED ARAB EMIRATES, July 23, 2025 /EINPresswire.com/ -- ANY.RUN, a leading provider of threat analysis and intelligence, has released a detailed case study on phishing attacks exploiting DHL branding. The research uncovers crucial insights into early detection of supply chain attacks and offers practical steps for businesses to identify such threats.

𝐃𝐇𝐋 𝐒𝐩𝐨𝐨𝐟𝐢𝐧𝐠 𝐀𝐭𝐭𝐚𝐜𝐤 𝐀𝐠𝐚𝐢𝐧𝐬𝐭 𝐄𝐧𝐞𝐫𝐠𝐲 𝐈𝐧𝐝𝐮𝐬𝐭𝐫𝐲 𝐆𝐢𝐚𝐧𝐭

In an attack investigated by the team at ANY.RUN, threat actors impersonating DHL targeted Meralco, a major utility company in the Philippines, with deceptive emails designed to steal credentials.

● 𝐌𝐚𝐥𝐢𝐜𝐢𝐨𝐮𝐬 𝐀𝐭𝐭𝐚𝐜𝐡𝐦𝐞𝐧𝐭 𝐓𝐚𝐜𝐭𝐢𝐜𝐬: The email contained a file posing as a shipping invoice. When opened, it displayed a fake DHL-styled login page, prompting the user to enter credentials.

● 𝐂𝐫𝐞𝐝𝐞𝐧𝐭𝐢𝐚𝐥 𝐄𝐱𝐟𝐢𝐥𝐭𝐫𝐚𝐭𝐢𝐨𝐧 𝐯𝐢𝐚 𝐓𝐡𝐢𝐫𝐝-𝐏𝐚𝐫𝐭𝐲 𝐒𝐞𝐫𝐯𝐢𝐜𝐞: The login form sent entered data to a legitimate online form handler abused to collect stolen credentials.

● 𝐑𝐞𝐮𝐬𝐞𝐝 𝐈𝐧𝐟𝐫𝐚𝐬𝐭𝐫𝐮𝐜𝐭𝐮𝐫𝐞 𝐀𝐜𝐫𝐨𝐬𝐬 𝐂𝐚𝐦𝐩𝐚𝐢𝐠𝐧𝐬: Historical analysis found over 200 phishing samples leveraging the form handling service.

This case study highlights the technical methods used in modern supply chain phishing campaigns, from impersonation and infrastructure abuse to payload delivery and credential capture, and offers valuable indicators of compromise (IOCs) for defenders.



𝐇𝐨𝐰 𝐁𝐮𝐬𝐢𝐧𝐞𝐬𝐬 𝐔𝐬𝐞 𝐀𝐍𝐘.𝐑𝐔𝐍 𝐭𝐨 𝐃𝐞𝐭𝐞𝐜𝐭 𝐒𝐮𝐩𝐩𝐥𝐲 𝐂𝐡𝐚𝐢𝐧 𝐀𝐭𝐭𝐚𝐜𝐤𝐬 𝐄𝐚𝐫𝐥𝐲

Businesses utilizing ANY.RUN's solutions gain a significant edge in identifying and mitigating supply chain attacks, ensuring robust defense against cyber threats.

By safely interacting with suspicious emails, files, and URLs in a controlled sandbox environment, businesses can instantly identify and understand malware and phishing, ensuring they don’t spread further.

With access to TI Lookup’s searchable database of recent threats, businesses can swiftly verify if artifacts in alerts are linked to specific attacks, enabling rapid response and strengthened security measures.

𝐀𝐛𝐨𝐮𝐭 𝐀𝐍𝐘.𝐑𝐔𝐍

ANY.RUN is an interactive malware analysis and threat intelligence provider trusted by SOCs, CERTs, MSSPs, and cybersecurity researchers. The company’s solutions are leveraged by 15,000 corporate security teams for incident investigations worldwide.

With real-time visibility into malware behavior, a focus on real-time interaction and actionable intelligence, ANY.RUN accelerates incident response, supports in-depth research, and helps defenders stay ahead of evolving threats.

