This Hungarian-language BEC attack impersonated a company executive using a freely-available Gmail account to request a payment to be sent to a fictitious company located in the United Kingdom.
This link-based attack imitated a company human resources email that announced the release of a new employee handbook, which included a link to a phishing page meant to steal an employee’s name and email credentials.
This payload-based phishing attack posed as an announcement from the company human resources team about updates to the company’s employee benefits package and requested the recipient review a supposed updated handbook, which actually opened a phishing page to steal account credentials.
This French-language BEC attack impersonated a company executive using a free webmail account created with a lookalike username to request assistance making a payment that was supposedly part of a corporate acquisition.
This BEC attack impersonated a company CEO using a combination of a spoofed email address and an account hosted on a malicious domain created with a username matching the CEO’s to request a fraudulent payment.
This extortion attack impersonated French law enforcement and Europol to attempt to coerce a target into contacting a secondary email address using threats of arrest and media exposure.
This BEC attack impersonated an external distribution partner using a compromised account and encrypted email service to inquire about outstanding payments, update payment account information, and offer a discount as a quick payment incentive.
This Italian-language BEC attack impersonated a company executive to request an update to their payroll account information that would divert future paychecks to a fraudulent account.
This attack impersonated a company CFO using a pretext of employee rewards and recognition to solicit a response leading to a request for Australian myGov credentials.
This payload-based attack posed as an aging report being shared by an automated internal system that contained an HTML attachment leading to a credential phishing page.
This BEC attack impersonated Eurocontrol using a spoofed email address and a lookalike domain to pressure a target into sending a fraudulent payment for a supposed overdue payment.
This extortion attack impersonated a debt collection company to try and pressure the recipient into sending a fraudulent payment to fulfill an outstanding debt by threatening legal action.
This holiday-themed BEC attack impersonated a company executive using a maliciously-registered domain to request a supposedly outstanding payment be made to a third-party vendor referenced in a fake email thread.
This payload-based attack contained a Office365-themed PDF attachment with an embedded link to a legitimate Adobe page, which included another link to a final credential phishing page.
This BEC attack impersonated a third-party vendor to request a fraudulent payment using modified legitimate invoice and a look-alike domain that was very similar to the vendor’s legitimate domain.
This Spanish-language BEC attack impersonating a company executive used the pretext of an acquisition of a foreign company and the introduction of a second persona to attempt to coerce an employee into sending a nearly $1 million payment.
This link-based attack hijacked an email thread from a compromised account to deliver a link leading to a fake TeamViewer page which attempts to download malware.
This link-based attack exploited the compromised account of an external third-party to make it appear that a vendor was sharing a link to a document about new dues, when the link actually led to a OneDrive phishing page to steal credentials.