Search the repository of unique attacks observed by the Abnormal Intelligence team.
Credential Phisher Impersonates Internal Company Admin to Steal Sensitive Information

Using a real domain from the company as a mask, an attacker informs the recipient of blocked emails and provides links to help resolve the issue.

Insurance Company Impersonator Provides Fake Benefits Document in Likely AI-Generated Attempted Malware Delivery

An attacker leverages a legitimate-looking domain as a mask to send a likely malware-infected document purportedly about benefits information.

Coinbase Impersonator Attempts Credential Theft by Claiming Account Restriction

Hiding the actual sending domain behind a display name of "Coinbase," an attacker spoofs Coinbase's customer support to steal sensitive information.

Robinhood Impersonator Attempts Credential Theft With Fake Withdrawal Notification

By leveraging a domain similar to official Robinhood communications, an attacker attempts to steal sensitive information by creating a sense of urgency.

Sophisticated Attacker Impersonates a Company Admin and Utilizes Microsoft-Branded QR Code in Attempted Credential Phishing

An attacker creates a fake Microsoft-branded QR code and landing page to compel the recipient to enter sensitive information.

Multi-Layered Malware Attack Utilizes File-Sharing Tool Smash To Send Malicious PDF

An attacker gains control of a domain before attempting a payload-based attack using the file-sharing tool Smash.

Vacation Planner Impersonator Attempts Credential Phishing with Compromised Account

An attacker gains control of a vacation resort’s customer service email address and attempts to steal sensitive information after informing the recipient of a refund.

Apple Impersonator Creates Fake Landing Page in Credential Phishing Attempt

An attacker cleverly designs a fake landing page that mimics Apple’s legitimate website to entice the recipient to input sensitive information.

Multi-Layer Payment Fraud Attack Attempts Redirect of $13.5 Million Invoice

After compromising a construction company, an attacker circumvents typical security protocols and creates a look-alike domain in a fake billing scam.

TSB Bank Impersonator Uses Look-alike Domain in Likely AI-Generated Credential Phishing Attack

An attacker utilizes an unregistered look-alike domain as a mask to impersonate TSB Bank and steal sensitive information.

Netflix Impersonator Likely Utilizes Generative AI in Credential Phishing Attack

An attacker takes control of a legitimate domain to impersonate Netflix customer support in a credential theft attempt.

Attacker Takes Over Established Domain in Likely AI-Generated Credential Phishing

An attacker breaks into an 21-year-old email account and links to a malicious IPFS gateway to steal sensitive information.

Likely AI-Generated Metlife Advisor Impersonator Attempts Financial Services Scam

An attacker uses social engineering techniques to build trust with a recipient before likely stealing sensitive information and money.

Fake Billing Scam Attempts Payment Fraud for $114,000 with New Banking Details

An attacker impersonates an accountant using a free webmail account to request payment of a $114,000 invoice.

BEC Attack Requests New Payment Methods for Outstanding Invoices in Attempted Payment Fraud

After gaining access to a legitimate account, an attacker attempts payment fraud by requesting ACH transfers instead of payments via check.

Amazon Spoofer Attempts Credential Phishing with Look-alike Domain

Using friendly language and a hidden malicious link, an attacker impersonates Amazon to steal sensitive information.

Sophisticated USPS Impersonator Attempts Credential Theft in Multi-Layered Attack

An attacker likely uses generative AI to create a fake automated USPS message about incorrect address information, including links to a fake USPS landing page.

Investment Opportunity Spoofer Offers Financial Services in Likely AI-Generated Scam

An attacker offers business financing options and promises commission for all successful referrals using a spoofed address.

Cosmetics Brand Impersonator Attempts Payment Fraud in Fake Billing Scam

An attacker uses generative AI to attempt payment fraud by impersonating an Australian cosmetics brand.

Freight Company Impersonated in Likely AI-Generated Credential Theft Attempt

An attacker utilizes a close resemblance freight company DAT One's domain in a credential theft attempt.


Attack Type

Impersonated Party

Impersonated Brand

Attack Goal

Attack Vector

Attack Tactic

Attack Theme

Attack Language


See How Abnormal Stops Emerging Attacks

Get a Demo