Search the repository of unique attacks observed by the Abnormal Intelligence team.
Spoofed DHL Email with Malicious QR Code Targets Recipients in Likely AI-Generated Credential Theft Attempt

Attackers impersonate DHL and email a PDF attachment containing a malicious QR code linked to a phishing page.

Spoofed Capital One Email Uses Account Freeze Alert to Steal Credentials

Phishing attack exploits urgency and trust to deceive recipients into revealing sensitive information.

Fake Shopify Deactivation Notice Exploits Telegram to Harvest Sensitive Information in Likely AI-Generated Attack

Cybercriminals impersonate Shopify to mislead recipients into engaging with a fraudulent Telegram support account.

Attacker Impersonates Australia Post Using Spoofed Address and Sends Bogus Delivery Alert to Attempt Credential Theft

Utilizing a spoofed sender address that closely resembles a legitimate email address, a threat actor hopes to trick targets into divulging private information.

DHL Impersonator Uses Spoofed Email and Microsoft CAPTCHA to Trick Targets in Phishing Attack

Threat actors hope to deceive recipients into revealing sensitive information by leveraging mimicked branding and spoofed versions of familiar security mechanisms.

Cybercriminals Send Bogus Microsoft Email System Update Alert in Likely AI-Generated Phishing Attack

Threat actors impersonate Microsoft and use a fake notification regarding a critical error to deceive targets into revealing sensitive information.

Phishers Pose as Amazon and Use Fraudulent Payment Alert to Steal Sensitive Information

Attackers impersonate Amazon and claim there is an issue with the target’s Prime account in hopes of deceiving them into revealing private data.

Netflix Impersonator Attempts Credential Theft in Likely AI-Generated Phishing Attack

Utilizing a look-alike domain and mimicked branding, threat actors hope to deceive targets into revealing sensitive information.

Attacker Impersonates Instagram and Uses Fake Verified Badge Notification to Steal Credentials

Cybercriminals mimic Instagram and Meta branding in a malicious email and spoofed login portal in this phishing attack.

Threat Actors Exploit Docusign to Share Link to Spoofed Microsoft Login and Steal Credentials

An attacker uses Docusign to share a document containing a malicious link hidden behind a Cloudflare Turnstile.

Attackers Weaponize Zoom Docs to Phish Targets Using Fake Microsoft Portal

A threat actor exploits Zoom Docs to deliver a file with a malicious link that utilizes a Cloudflare Turnstile before redirecting to a phishing page.

Attackers Pose as Social Security Administration and Use Fake Benefits Update to Deploy Malware

Cybercriminals exploit trust in government communications to trick recipients into downloading a malicious file.

Fake Quickbooks Suspension Email Aims to Steal Account Information in Likely AI-Generated Phishing Attack

Using a spoofed email, threat actors impersonate Quickbooks and attempt to manipulate targets into revealing sensitive information.

Virgin Media Impersonator Sends Fake Security Update to Steal Login Credentials

Threat actors exploit an iCloud address to attempt credential theft via a malicious login portal featuring mimicked branding.

Phishing Attack Impersonates MetaMask with Fake KYC Verification Request

Cybercriminals exploit urgency and KYC compliance to trick recipients into revealing sensitive cryptocurrency wallet information.

Threat Actor Poses as Newrez and Uses Spoofed Email to Send Fake Loan Payoff Request in Phishing Attack

Cybercriminals impersonate a mortgage lender and use a fake notification of a new message to trick recipients into disclosing sensitive information.

Phishing Attack Mimics Capital One Password Reset Notification to Steal Login Credentials

Cybercriminals exploit the fear of an unauthorized password reset to deceive recipients into revealing sensitive information.

TD Bank Impersonator Uses Fake Contact Information Verification Request in Phishing Attack

Cybercriminals use a spoofed email and impersonated branding to pose as TD Bank and attempt to trick recipients into revealing sensitive information.

Phishing Attack Uses Compromised Account to Send Text-Free Email with Link to PDF Hosted on SharePoint

Threat actor sends fraudulent notification of online fax containing purchase order for review to compel target to view PDF containing phishing link.

Cybercriminals Impersonate Santander Bank with Fake Identity Verification in Credential Theft Attempt

A threat actor sends a fraudulent unauthorized transaction alert to trick targets into providing sensitive information.

Filters

Attack Type

Impersonated Party

Impersonated Brand

Attack Goal

Attack Vector

Attack Tactic

Attack Theme

Attack Language

AI-Generated