Skip to content
All publications
VSPAM-2026-008February 17, 2026

Weekly Threat Briefing: February 17–23, 2026

By vspam.org Research Team

Abstract

Weekly summary of notable phishing campaigns, newly observed tactics, and community reporting trends. This week features a spike in QR-code phishing targeting corporate Microsoft 365 accounts and a new phishing kit distributed via Telegram channels.

Key Findings

  1. 1QR-code phishing (quishing) reports increased 340% week-over-week, primarily targeting M365 credentials
  2. 2New phishing kit 'PayGate-v3' identified across 120+ domains, distributed via Telegram marketplace
  3. 3Community submitted 8,247 reports this week; 6,102 confirmed, 891 rejected, 1,254 pending review
  4. 4Top targeted brands: Microsoft (28%), PayPal (14%), DHL (11%), Amazon (9%), Apple (7%)
  5. 53 hosting providers issued proactive takedowns within 1 hour of vspam.org abuse notification

Topics

weekly-briefingqr-phishingmicrosoft-365phishing-kits
Download PDFAll publications

Cite this report

vspam.org Research Team. "Weekly Threat Briefing: February 17–23, 2026." VSPAM-2026-008, vspam.org, February 17, 2026. https://vspam.org/research/weekly-threat-briefing-feb-17-23-2026

Licensed under CC BY 4.0. You may share and adapt this work with attribution.