A China-based cyber actor group is leveraging the trust associated with popular international brands to orchestrate a large-scale phishing campaign dating back as far as 2019. The threat actor, Fangxiao, is said to have registered over 42,000 imposter domains, with initial activity observed in 2017. Fangxiao targets businesses in multiple verticals, including retail, banking, travel, and energy. The offers promised financial or physical incentives are used to trick victims into further sprea
