"Power Parasites" Phishing Campaign Targets Energy Firms and Major Brands

Silent Push Threat Analysts have uncovered a widespread phishing and scam operation dubbed “Power Parasites,” targeting prominent energy companies and major global brands across multiple sectors in 2024.

This campaign, active primarily in Asian countries such as Bangladesh, Nepal, and India, leverages a sophisticated network of deceptive websites, social media platforms, and Telegram channels to perpetrate job and investment fraud.

By impersonating trusted entities like Siemens Energy, Schneider Electric, Repsol S.A., Suncor Energy, and even non-energy brands like Netflix and Starlink, the threat actors behind Power Parasites have orchestrated a multi-faceted attack aimed at exploiting unsuspecting individuals through financial phishing and fraudulent recruitment schemes.

Infrastructure Analysis Reveals Over 150 Active Domains

Technical investigations by Silent Push have mapped over 150 domains linked to the Power Parasites campaign in 2024, showcasing an intricate infrastructure designed for scalability and evasion.

Initial pivots into the campaign’s network began with domains such ...