Attackers impersonate the CEO using a spoofed email address to ask the recipient if they have been contacted by an attorney to facilitate an acquisition as the first stage of an attack designed to intercept a transaction.
Attackers impersonate a generic support team as part of a multi-stage malware attack, first informing the recipient that their password needs reset and asking them to call for support.
Attackers use a text-based email stating that they have access to the recipient’s personal information, including photos and browser history, stating that it will be deleted in exchange for a bitcoin payment.
Attackers impersonate the company payroll department to send a wage update that takes users to a OneDrive phishing page and steals Microsoft 365 credentials.