Cybercriminals mimic Instagram and Meta branding in a malicious email and spoofed login portal in this phishing attack.
An attacker uses Docusign to share a document containing a malicious link hidden behind a Cloudflare Turnstile.
A threat actor exploits Zoom Docs to deliver a file with a malicious link that utilizes a Cloudflare Turnstile before redirecting to a phishing page.
Cybercriminals exploit trust in government communications to trick recipients into downloading a malicious file.
Using a spoofed email, threat actors impersonate Quickbooks and attempt to manipulate targets into revealing sensitive information.
Threat actors exploit an iCloud address to attempt credential theft via a malicious login portal featuring mimicked branding.
Cybercriminals exploit urgency and KYC compliance to trick recipients into revealing sensitive cryptocurrency wallet information.
Cybercriminals impersonate a mortgage lender and use a fake notification of a new message to trick recipients into disclosing sensitive information.
Cybercriminals exploit the fear of an unauthorized password reset to deceive recipients into revealing sensitive information.
Cybercriminals use a spoofed email and impersonated branding to pose as TD Bank and attempt to trick recipients into revealing sensitive information.
Threat actor sends fraudulent notification of online fax containing purchase order for review to compel target to view PDF containing phishing link.
A threat actor sends a fraudulent unauthorized transaction alert to trick targets into providing sensitive information.
Threat actors impersonate the target’s internal HR department to deceive recipients into revealing confidential information.
Cybercriminals use bogus security notifications to exploit fear of account issues and harvest sensitive information.
Cybercriminals manufacture a sense of urgency by using a fraudulent invoice to deceive recipients into transferring funds to an account owned by the attacker.
Cybercriminals send a malicious HTM attachment disguised as a voice message recording to deploy malware on recipients’ devices.
Cybercriminals use a fraudulent employee code of conduct update to manipulate recipients into revealing private details.
Cybercriminals use a fraudulent email about a payment failure impacting domain renewal to steal sensitive information from unsuspecting recipients.
Cybercriminals use a fraudulent delivery interruption notice to trick recipients into visiting a malicious website and disclosing private details.
Threat actors use the fear of losing access to a critical account to trick recipients into revealing personal details.