On June 16, 2025, a suspicious domain impersonating AnyDesk — anydeske[.]icu — was reported on Twitter. The site served what appeared to be a legitimate remote access tool but actually delivered a malicious .NET loader.
A recently observed phishing campaign impersonating Egypt Post (البريد المصري) has been attributed to the Smishing Triad, a well-documented cybercriminal group for their phishing (smishing) campaigns across multiple countries. The campaign impersonates Egypt Post, aiming