Secplicity Blog - Phishing

Ongoing Widespread Credential Harvesting Campaign Targets VPN Providers

13 January 2026 By Ryan Estes
WatchGuard logo

Introduction At the turn of the year, we were alerted to a doppelganger domain impersonating WatchGuard’s Mobile VPN with SSL, delivering a malicious spoofed client to steal credentials. Navigating directly to the doppelganger domain resulted in a benign informational WatchGuard VPN page. However…

Read more

AsyncRAT Phishing Campaign Targeting Hotel Staff

18 April 2025 By Marc Laliberte
Screenshot of the phishing dialog

At the beginning of April, WatchGuard received a report from a customer in the hospitality business describing a new phishing campaign targeting their staff. The attack starts with the threat actor opening a reservation request with the hotel, which they then cancel by email, citing a bad review for…

Read more