An attacker attempts credential theft via a PDF attachment with DocuSign branding containing a QR code linked to a phishing site impersonating a Microsoft login page.
After breaking into a vendor’s email account, an attacker creates a look-alike domain to send a large invoice and discuss rerouting payments to a new bank account.
An attacker capitalizes on the inherent urgency of tax season and attempts to trick a target into clicking a malicious JPG to view purported tax documents.
Using a legitimate sending domain as a mask and a spoofed display name, an attacker pretends to be from Capital One’s customer service team to steal login credentials.
After spoofing a legitimate domain, an attacker uses a fake password-protected financial document to steal sensitive information.
After breaking into a vendor’s email account, an attacker uses official-sounding language to mimic legitimate communications and attempt payment fraud.
In a modern twist on the classic “Nigerian Prince” scam, an attacker poses as a UN employee to establish trust and compel the target to contact them via the provided phone number.
Threat actors launch highly targeted and sophisticated phishing attack to trick former Bittrex users into divulging sensitive information.
By playing on the sympathy of the recipients, the attacker hopes they can persuade targets to send funds to the provided cryptocurrency wallets.
An attacker poses as a bank representative and creates a sense of urgency regarding the target’s credit card to compel them to click an embedded phishing link.
A phisher uses a spoofed domain to send a malicious email that incorporates PayPal's branding and creates a sense of urgency around potential account closure.
Using a look-alike domain, an attacker impersonates a vendor and sends a remittance request for a fake invoice totaling nearly $1,000,000.
After spoofing a legitimate email address, a threat actor sends university students a fraudulent offer for loan services and includes seemingly accurate contact information.
By compromising a legitimate domain, an attacker hopes to entice the target to a credential phishing website where sensitive information like payment details can be stolen.
An attacker uses a look-alike domain and Disney+ branding to trick a target into calling a fake customer service phone number related to a new Disney+ subscription.
Threat actor attempts to fraudulently obtain credentials and/or payment details using Amazon-branded PDF containing an embedded phishing link.
An attacker attempts to steal sensitive information by encouraging the recipient to use a masked phishing link to update their shipping address for a pending delivery.
An attacker attempts to steal login credentials and also reroute payments by sharing a fraudulent invoice behind a fake Adobe Acrobat login screen.
By creating a sense of urgency and using official-sounding language, an attacker attempts to compel the target to click a phishing link purportedly related to payroll updates.
An attacker compromises a vendor account and sends the target a fake Microsoft SharePoint link purportedly to a time-sensitive service agreement.