Attack Library
Ivy League Health Director Compromised in Monkeypox Scare Spoof
By leveraging a recent public health crisis and targeting universities, the attacker hopes to elicit immediate action and steal email credentials.
Seized Funds Phishing Attempt via JP Morgan Chase & Co Impersonation
This attack features an impersonation by a well-known bank that attempts to steal account credentials.
Attack Spoofs Debt Relief Agency and Impersonates Attorney
This attack features an impersonation of an attorney on behalf of a debt relief agency in an attempt to receive a $1,000 payment.
Zelle Impersonation Attack Targets Branch Manager
A popular money transferring service is impersonated in an attempted extortion.
Attacker Requests £61,000 Using Compromised Vendor Account with Lookalike Email Cc'ed
Attackers hijack an ongoing thread and create a lookalike domain to continue the conversation as part of an invoice fraud attack.
Attempted Payment Fraud Using Lookalike Domain and Real Invoices Targets Manufacturing Company
Attackers pose as existing vendors and use lookalike domain and real invoices in attempt to fraudulently update payment information.
Phishing Attack Disguised as Notification Informing VP Storage Capacity Limit Exceeded
Attackers disguise phishing email to VP at financial institution as notification that full storage capacity has been reached and emails will no longer be delivered.
Fake Email Account Deactivation Notice with Phishing Link Targeting Online Retailer
Attackers pose as the internal support team at an online retailer and claim the recipient's email account has been queued for deactivation in an attempt to steal credentials or install malware.
Brand Impersonation Phishing Attack Targets VIP Using Fake Zoom Meeting Invite
This phishing attack leverages brand impersonation in an attempt to trick a VIP into clicking on a phishing link disguised as a Zoom meeting invite.
Phishing Attack Impersonates Real Estate Agent Sending Fake Document Notification to Lawyer
This phishing attack impersonated a real estate agent using dotloop, a real estate transaction management software, to trick the recipient into visiting a phishing website.
Attacker Impersonates Partner at Venture Capital Firm to Execute Payroll Diversion
This payroll diversion attack impersonated a partner at a venture capital firm inquiring about how to update direct deposit information to a new bank.
Attacker Impersonates Attorney and Sends Fake Dropbox File Transfer Notification to Deliver Malware
This malware attack impersonated a real attorney at a real firm using Dropbox to transfer a file purported to be a contract that is likely malicious.
Fake Payment Message Leads to Malware Infected ZIP File Download
Attackers trick recipients into opening a ZIP file containing malware by stating that the file contains payment information for a recent purchase.
Danish BEC Attack Impersonates CEO to Request Gift Cards
This Danish-language BEC attack impersonated a company CEO to request the purchase of iTunes gift cards.
BEC Attack Impersonates Vendor to Request Account Update Using Fake Bank Authorization Letter
This BEC attack impersonated a vendor using a lookalike domain and fake bank authorization letter to request an update to their payment account information.
Credential Phishing Attack Poses as a Secure Message Shared by the IRS
This link-based attack impersonated the IRS using the pretext of sharing a secure ShareFile message that led to a phishing site designed to steal email credentials.
Phishing Attack Impersonating FedEx Steal Personal and Financial Data Using Captcha Protection and MFA Bypass
This phishing attack impersonated FedEx using a fake shipping notification pretext to direct a recipient to a captcha-protected phishing page created to steal personal and financial information using MFA bypass tactics.
Fake Billing Scam Poses as a Receipt for a Quickbooks License Upgrade
This fake billing scam posed as a receipt for an upgraded Quickbooks license to get the recipient to reach out via phone and likely coerce them into installing malware.
Italian-Language Aging Report Theft BEC Attack Impersonates Company Executive
This Italian-language BEC attack impersonated a company executive to request a list of customers and their overdue balances.
Attack Uses Fake OneNote Attachment to Deliver Malware
This attack posted as a shared settlement document containing a malicious OneNote (.ONE) attachment to deliver malware.