Attack Library
Attacker Utilizes Fake Voicemail Attachment in Malware Delivery
Harnessing a legitimate-looking domain as a mask, an attacker attempts to infect a recipient's computer with malware by pretending to send a voicemail attachment.
Credential Phisher Impersonates Internal Company Admin to Steal Sensitive Information
Using a real domain from the company as a mask, an attacker informs the recipient of blocked emails and provides links to help resolve the issue.
Insurance Company Impersonator Provides Fake Benefits Document in Likely AI-Generated Attempted Malware Delivery
An attacker leverages a legitimate-looking domain as a mask to send a likely malware-infected document purportedly about benefits information.
Coinbase Impersonator Attempts Credential Theft by Claiming Account Restriction
Hiding the actual sending domain behind a display name of "Coinbase," an attacker spoofs Coinbase's customer support to steal sensitive information.
Robinhood Impersonator Attempts Credential Theft With Fake Withdrawal Notification
By leveraging a domain similar to official Robinhood communications, an attacker attempts to steal sensitive information by creating a sense of urgency.
Sophisticated Attacker Impersonates a Company Admin and Utilizes Microsoft-Branded QR Code in Attempted Credential Phishing
An attacker creates a fake Microsoft-branded QR code and landing page to compel the recipient to enter sensitive information.
Multi-Layered Malware Attack Utilizes File-Sharing Tool Smash To Send Malicious PDF
An attacker gains control of a domain before attempting a payload-based attack using the file-sharing tool Smash.
Vacation Planner Impersonator Attempts Credential Phishing with Compromised Account
An attacker gains control of a vacation resort’s customer service email address and attempts to steal sensitive information after informing the recipient of a refund.
Apple Impersonator Creates Fake Landing Page in Credential Phishing Attempt
An attacker cleverly designs a fake landing page that mimics Apple’s legitimate website to entice the recipient to input sensitive information.
Multi-Layer Payment Fraud Attack Attempts Redirect of $13.5 Million Invoice
After compromising a construction company, an attacker circumvents typical security protocols and creates a look-alike domain in a fake billing scam.
TSB Bank Impersonator Uses Look-alike Domain in Likely AI-Generated Credential Phishing Attack
An attacker utilizes an unregistered look-alike domain as a mask to impersonate TSB Bank and steal sensitive information.
Netflix Impersonator Likely Utilizes Generative AI in Credential Phishing Attack
An attacker takes control of a legitimate domain to impersonate Netflix customer support in a credential theft attempt.
Attacker Takes Over Established Domain in Likely AI-Generated Credential Phishing
An attacker breaks into an 21-year-old email account and links to a malicious IPFS gateway to steal sensitive information.
Likely AI-Generated Metlife Advisor Impersonator Attempts Financial Services Scam
An attacker uses social engineering techniques to build trust with a recipient before likely stealing sensitive information and money.
Fake Billing Scam Attempts Payment Fraud for $114,000 with New Banking Details
An attacker impersonates an accountant using a free webmail account to request payment of a $114,000 invoice.
BEC Attack Requests New Payment Methods for Outstanding Invoices in Attempted Payment Fraud
After gaining access to a legitimate account, an attacker attempts payment fraud by requesting ACH transfers instead of payments via check.
Amazon Spoofer Attempts Credential Phishing with Look-alike Domain
Using friendly language and a hidden malicious link, an attacker impersonates Amazon to steal sensitive information.
Sophisticated USPS Impersonator Attempts Credential Theft in Multi-Layered Attack
An attacker likely uses generative AI to create a fake automated USPS message about incorrect address information, including links to a fake USPS landing page.
Investment Opportunity Spoofer Offers Financial Services in Likely AI-Generated Scam
An attacker offers business financing options and promises commission for all successful referrals using a spoofed address.
Cosmetics Brand Impersonator Attempts Payment Fraud in Fake Billing Scam
An attacker uses generative AI to attempt payment fraud by impersonating an Australian cosmetics brand.