This extortion attack, sent from a self-addressed spoofed email address, claimed to have installed a RAT on the recipient’s computer and demanded $950 in bitcoin in exchange for the attacker not releasing supposedly explicit videos of the recipient.
This third party reconnaissance BEC attack impersonated a vendor’s accounting manager to request an update to the vendor’s bank account on file and redirect future payments to a fraudulent account.
This BEC attack impersonated a team manager to attempt to divert the employee’s payroll direct deposit using an email that obfuscated its content using foreign character substitution.
This payload-based credential phishing email employed bypass tactics, including a hidden sender address and obfuscated text, to pose as an invoice for employee training.
This payload-based credential phishing attack sent from a self-addressed spoofed email address posed as a security alert, indicating the user’s data had been accessed from a suspicious location and an HTML attachment needed to be reviewed or else their account would be locked.
This BEC attack impersonated a company executive to request an update to their payroll deposit account using a combination of a Lithuanian subject and Dutch body content.
A fake billing scam impersonating PayPal posed as a payment receipt for an expensive bathroom mirror TV that was used as a lure to get a recipient to reach out via phone and likely coerce them to download malware.
This BEC attack impersonated an executive using a spoofed email address to request an employee’s assistance with the acquisition of a foreign company, asking for the employee’s phone number to pivot to a voice conversation.
This BEC attack impersonated a company COO using a maliciously-registered domain and spoofed display name to request a fraudulent wire transfer to pay for supposed legal fees.
This payload-based attack was sent to a company executive using a tax refund theme as a pretext to get them to open an HTML file attached to a blank email, which led to a company-branded credential phishing page.
This payload-based credential phishing attack targeted an executive with an email posing as financial documents shared via SharePoint and used foreign character substitution to bypass detection.
This BEC attack impersonated a vendor accounting specialist to try and redirect several invoice payments by incorporating contents from a hijacked email thread from a previously compromised account and sending the email from a lookalike domain.
This BEC attack impersonating a company executive started with a request for the employee’s recent pay stubs, then pivoted into a request to update their direct deposit account.
This BEC attack impersonated a company CFO using a spoofed email address and a free webmail reply-to account to request a spreadsheet of all outstanding payments and customer contact information in order to conduct future payment fraud.
This BEC attack spoofs an external compromised account using a Thanksgiving-themed subject to request the purchase of an Amazon gift card for a supposedly sick family member.
This payload-based credential phishing attack impersonated DocuSign and requested that recipients review employee payroll and retirement documents contained in an attached HTML file.