Infosecurity-Magazine
Operation DoppelBrand Targets Fortune 500 Firms for Credential Theft
First seen 16 Feb 2026, 16:10 UTC
•



+1
•78% similarity
•33.3
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
Operation DoppelBrand is a phishing campaign identified by SOCRadar that targets major financial and technology firms, including Wells Fargo and USAA. The campaign, attributed to the financially motivated threat actor GS7, took place between December 2025 and January 2026, with links to prior activities dating back to 2022.
ThreatCluster AI
Timeline
2025-12-01
Operation DoppelBrand campaign begins targeting firms
2026-01-31
Operation DoppelBrand campaign ends
2026-02-16
Operation DoppelBrand publicly reported by SOCRadar