Attack Library
Credential Phishing Attack Poses as a Secure Message Shared by the IRS
This link-based attack impersonated the IRS using the pretext of sharing a secure ShareFile message that led to a phishing site designed to steal email credentials.
Phishing Attack Impersonating FedEx Steal Personal and Financial Data Using Captcha Protection and MFA Bypass
This phishing attack impersonated FedEx using a fake shipping notification pretext to direct a recipient to a captcha-protected phishing page created to steal personal and financial information using MFA bypass tactics.
Fake Billing Scam Poses as a Receipt for a Quickbooks License Upgrade
This fake billing scam posed as a receipt for an upgraded Quickbooks license to get the recipient to reach out via phone and likely coerce them into installing malware.
Italian-Language Aging Report Theft BEC Attack Impersonates Company Executive
This Italian-language BEC attack impersonated a company executive to request a list of customers and their overdue balances.
Attack Uses Fake OneNote Attachment to Deliver Malware
This attack posted as a shared settlement document containing a malicious OneNote (.ONE) attachment to deliver malware.
Phishing Attack Uses Pretext of Shared Tax Documents to Steal Employee Credentials
This link-based attack incorporated a fake file attachment posing as shared tax documents that led to a phishing page meant to steal email credentials across multiple email providers.
Email Posing as Request for Tax Help Pivots from Response-based to Link-based Attack to Deliver Malware
This attack posed as a prospective client requesting assistance on tax returns that was used to deliver malware via a malicious link in a follow-up message.
BEC Attack Poses as a Factoring Company to Request Aging Report with Customer Payment Information
This BEC attack impersonated an external factoring company using a free webmail account with a customized impersonation username to request a copy of an updated aging report containing customer payment and contact information.
BEC Attack Targets Head of Human Resources to Request Copies of Employee W-2s
This BEC attack impersonated the company CEO using multiple free webmail accounts to request a copy of all employee W-2s.
Email Poses as an Incoming ACH Payment with HTML Attachment Leading to Branded Credential Phishing Page
This payload-based attack posed as a fake incoming ACH payment masked as an automated email from an internal company system, which contained an HTML attachment that led to a branded phishing page intended to steal the recipient’s credentials.
Hungarian BEC Attack Impersonates Executive to Request a Payment to a Fake UK Company
This Hungarian-language BEC attack impersonated a company executive using a freely-available Gmail account to request a payment to be sent to a fictitious company located in the United Kingdom.
Phishing Attack Steals Credentials by Imitating HR Request to Review New Employee Handbook
This link-based attack imitated a company human resources email that announced the release of a new employee handbook, which included a link to a phishing page meant to steal an employee’s name and email credentials.
Payload Credential Phishing Attack Poses as an HR Announcement About New Employee Benefits
This payload-based phishing attack posed as an announcement from the company human resources team about updates to the company’s employee benefits package and requested the recipient review a supposed updated handbook, which actually opened a phishing page to steal account credentials.
French-language BEC Attack Impersonates Executive Requesting Assistance in a Corporate Acquisition
This French-language BEC attack impersonated a company executive using a free webmail account created with a lookalike username to request assistance making a payment that was supposedly part of a corporate acquisition.
BEC Attack Impersonates a CEO Using a Combination of a Spoofed Email Address and Reply-to Address with a Mirrored Username
This BEC attack impersonated a company CEO using a combination of a spoofed email address and an account hosted on a malicious domain created with a username matching the CEO’s to request a fraudulent payment.
Extortion Attack Impersonates French Law Enforcement and Europol
This extortion attack impersonated French law enforcement and Europol to attempt to coerce a target into contacting a secondary email address using threats of arrest and media exposure.
BEC Attack Impersonates Distribution Supplier and Offers Discount as an Incentive for Quick Payment
This BEC attack impersonated an external distribution partner using a compromised account and encrypted email service to inquire about outstanding payments, update payment account information, and offer a discount as a quick payment incentive.
Italian-language BEC Attack Attempts to Divert Executive's Paycheck
This Italian-language BEC attack impersonated a company executive to request an update to their payroll account information that would divert future paychecks to a fraudulent account.
Response-based Phishing Attack Impersonates CFO to Compromise Australian myGov Credentials
This attack impersonated a company CFO using a pretext of employee rewards and recognition to solicit a response leading to a request for Australian myGov credentials.
Credential Phishing Attack Poses as an Automated Aging Report Notification
This payload-based attack posed as an aging report being shared by an automated internal system that contained an HTML attachment leading to a credential phishing page.