Search the repository of unique attacks observed by the Abnormal Intelligence team.
Zelle Impersonation Attack Targets Branch Manager

A popular money transferring service is impersonated in an attempted extortion.

Attacker Requests £61,000 Using Compromised Vendor Account with Lookalike Email Cc'ed

Attackers hijack an ongoing thread and create a lookalike domain to continue the conversation as part of an invoice fraud attack.

Attempted Payment Fraud Using Lookalike Domain and Real Invoices Targets Manufacturing Company

Attackers pose as existing vendors and use lookalike domain and real invoices in attempt to fraudulently update payment information.

Phishing Attack Disguised as Notification Informing VP Storage Capacity Limit Exceeded

Attackers disguise phishing email to VP at financial institution as notification that full storage capacity has been reached and emails will no longer be delivered.

Fake Email Account Deactivation Notice with Phishing Link Targeting Online Retailer

Attackers pose as the internal support team at an online retailer and claim the recipient's email account has been queued for deactivation in an attempt to steal credentials or install malware.

Brand Impersonation Phishing Attack Targets VIP Using Fake Zoom Meeting Invite

This phishing attack leverages brand impersonation in an attempt to trick a VIP into clicking on a phishing link disguised as a Zoom meeting invite.

Phishing Attack Impersonates Real Estate Agent Sending Fake Document Notification to Lawyer

This phishing attack impersonated a real estate agent using dotloop, a real estate transaction management software, to trick the recipient into visiting a phishing website.

Attacker Impersonates Partner at Venture Capital Firm to Execute Payroll Diversion

This payroll diversion attack impersonated a partner at a venture capital firm inquiring about how to update direct deposit information to a new bank.

Attacker Impersonates Attorney and Sends Fake Dropbox File Transfer Notification to Deliver Malware

This malware attack impersonated a real attorney at a real firm using Dropbox to transfer a file purported to be a contract that is likely malicious.

Danish BEC Attack Impersonates CEO to Request Gift Cards

This Danish-language BEC attack impersonated a company CEO to request the purchase of iTunes gift cards.

BEC Attack Impersonates Vendor to Request Account Update Using Fake Bank Authorization Letter

This BEC attack impersonated a vendor using a lookalike domain and fake bank authorization letter to request an update to their payment account information.

Credential Phishing Attack Poses as a Secure Message Shared by the IRS

This link-based attack impersonated the IRS using the pretext of sharing a secure ShareFile message that led to a phishing site designed to steal email credentials.

Phishing Attack Impersonating FedEx Steal Personal and Financial Data Using Captcha Protection and MFA Bypass

This phishing attack impersonated FedEx using a fake shipping notification pretext to direct a recipient to a captcha-protected phishing page created to steal personal and financial information using MFA bypass tactics.

Fake Billing Scam Poses as a Receipt for a Quickbooks License Upgrade

This fake billing scam posed as a receipt for an upgraded Quickbooks license to get the recipient to reach out via phone and likely coerce them into installing malware.

Italian-Language Aging Report Theft BEC Attack Impersonates Company Executive

This Italian-language BEC attack impersonated a company executive to request a list of customers and their overdue balances.

Attack Uses Fake OneNote Attachment to Deliver Malware

This attack posted as a shared settlement document containing a malicious OneNote (.ONE) attachment to deliver malware.

Phishing Attack Uses Pretext of Shared Tax Documents to Steal Employee Credentials

This link-based attack incorporated a fake file attachment posing as shared tax documents that led to a phishing page meant to steal email credentials across multiple email providers.

Email Posing as Request for Tax Help Pivots from Response-based to Link-based Attack to Deliver Malware

This attack posed as a prospective client requesting assistance on tax returns that was used to deliver malware via a malicious link in a follow-up message.

BEC Attack Poses as a Factoring Company to Request Aging Report with Customer Payment Information

This BEC attack impersonated an external factoring company using a free webmail account with a customized impersonation username to request a copy of an updated aging report containing customer payment and contact information.

BEC Attack Targets Head of Human Resources to Request Copies of Employee W-2s

This BEC attack impersonated the company CEO using multiple free webmail accounts to request a copy of all employee W-2s.


Attack Type

Impersonated Party

Impersonated Brand

Attack Goal

Attack Vector

Attack Tactic

Attack Theme

Attack Language

See How Abnormal Stops Emerging Attacks

Get a Demo