Search the repository of unique attacks observed by the Abnormal Intelligence team.
Threat Actor Poses as Newrez and Uses Spoofed Email to Send Fake Loan Payoff Request in Phishing Attack

Cybercriminals impersonate a mortgage lender and use a fake notification of a new message to trick recipients into disclosing sensitive information.

Phishing Attack Mimics Capital One Password Reset Notification to Steal Login Credentials

Cybercriminals exploit the fear of an unauthorized password reset to deceive recipients into revealing sensitive information.

TD Bank Impersonator Uses Fake Contact Information Verification Request in Phishing Attack

Cybercriminals use a spoofed email and impersonated branding to pose as TD Bank and attempt to trick recipients into revealing sensitive information.

Phishing Attack Uses Compromised Account to Send Text-Free Email with Link to PDF Hosted on SharePoint

Threat actor sends fraudulent notification of online fax containing purchase order for review to compel target to view PDF containing phishing link.

Cybercriminals Impersonate Santander Bank with Fake Identity Verification in Credential Theft Attempt

A threat actor sends a fraudulent unauthorized transaction alert to trick targets into providing sensitive information.

Phishing Attack Disguised as Timesheet Update from HR Attempts to Steal Personal Data

Threat actors impersonate the target’s internal HR department to deceive recipients into revealing confidential information.

Threat Actors Use Fake Bank of America Security Alert to Attempt Credential Theft

Cybercriminals use bogus security notifications to exploit fear of account issues and harvest sensitive information.

Attackers Use Look-alike Domain to Impersonate Real LinkedIn Employee in Invoice Fraud Attack

Cybercriminals manufacture a sense of urgency by using a fraudulent invoice to deceive recipients into transferring funds to an account owned by the attacker.

Attacker Impersonates Internal University IT Department to Send Malware Using Fake Voice Message Notification

Cybercriminals send a malicious HTM attachment disguised as a voice message recording to deploy malware on recipients’ devices.

monday.com Impersonator Sends Fake HR Update in Likely-AI Generated Phishing Attack

Cybercriminals use a fraudulent employee code of conduct update to manipulate recipients into revealing private details.

Threat Actors Impersonate Squarespace with Fake Account Suspension Notification Designed to Steal Sensitive Information

Cybercriminals use a fraudulent email about a payment failure impacting domain renewal to steal sensitive information from unsuspecting recipients.

DHL Impersonator Leverages Spoofed Email and Mimicked Branding in Credential Theft Attempt

Cybercriminals use a fraudulent delivery interruption notice to trick recipients into visiting a malicious website and disclosing private details.

Phishing Attack Impersonates Apple with Fake "Apple ID Locked" Notification to Steal Sensitive Information

Threat actors use the fear of losing access to a critical account to trick recipients into revealing personal details.

Microsoft Impersonator Sends Fraudulent Device Registration Alert in Vishing Attack

A threat actor uses a bogus security notification to trick the target into calling a fake support number and divulging private details.

Cybercriminals Pose as Capital One and Incorporate Official Branding in Fake Refund Notification

Attackers exploit the fear of delayed access to funds to trick recipients into disclosing sensitive account information.

Threat Actors Impersonate Zoom and Use Fake Branded Login Page and CAPTCHA to Steal Credentials

Cybercriminals exploit the familiarity of Zoom invitations to trick recipients into revealing sensitive information.

Disney+ Impersonator Uses Security Update as Ruse to Steal Payment Information

A cybercriminal claims regulatory changes have restricted the target’s Disney+ account access and urges them to update payment details using the provided link.

Phisher Impersonates RingCentral and Sends Fake Voicemail Notification to Steal Credentials

Cybercriminals use a free Japanese hosting service to send fake voicemail alerts, aiming to steal sensitive login details.

Attacker Impersonates Government Official to Deceive Target Using Threat of Prosecution in Sophisticated Vishing Scheme

A threat actor claims the target’s social security number is being used fraudulently and will be suspended to convince them to call the provided contact number.

Cybercriminals Impersonate Apple to Trick Recipients Into Providing Sensitive Information

Using a spoofed email address, a threat actor claims the target is at risk of losing access to Apple Pay to convince them to visit a phishing site.

Filters

Attack Type

Impersonated Party

Impersonated Brand

Attack Goal

Attack Vector

Attack Tactic

Attack Theme

Attack Language

AI-Generated