Search the repository of unique attacks observed by the Abnormal Intelligence team.
BEC Attack Impersonates COO to Request Payment for Supposed Legal Fees

This BEC attack impersonated a company COO using a maliciously-registered domain and spoofed display name to request a fraudulent wire transfer to pay for supposed legal fees.

Payload Credential Phishing Attack Incorporates a Tax Refund Theme

This payload-based attack was sent to a company executive using a tax refund theme as a pretext to get them to open an HTML file attached to a blank email, which led to a company-branded credential phishing page.

German-Language BEC Attack Requests Payment for Invoice via a Fake Email Chain

This German-language BEC attack impersonated a company executive to request payment for an outstanding invoice referenced in a fake email chain.

Executive Targeted in Attack Posing as Fake Financial Documents Distributed via SharePoint

This payload-based credential phishing attack targeted an executive with an email posing as financial documents shared via SharePoint and used foreign character substitution to bypass detection.

Vendor Email Compromise Attack Uses Hijacked Email Thread to Attempt to Redirect Invoice Payments

This BEC attack impersonated a vendor accounting specialist to try and redirect several invoice payments by incorporating contents from a hijacked email thread from a previously compromised account and sending the email from a lookalike domain.

Pay Stub Request Transitions to a Payroll Diversion BEC Attack

This BEC attack impersonating a company executive started with a request for the employee’s recent pay stubs, then pivoted into a request to update their direct deposit account.

Executive Targeted in a Self-Addressed Escrow-Themed Credential Phishing Attack

This payload-based credential phishing attack sent from a self-addressed spoofed email account targeted an executive posing as a real estate document.

CFO Email Address Spoofed to Request List of Outstanding Payments and Customer Contact Information

This BEC attack impersonated a company CFO using a spoofed email address and a free webmail reply-to account to request a spreadsheet of all outstanding payments and customer contact information in order to conduct future payment fraud.

Thanksgiving-Themed BEC Attack Spoofs Compromised Personal Account to Request Gift Cards

This BEC attack spoofs an external compromised account using a Thanksgiving-themed subject to request the purchase of an Amazon gift card for a supposedly sick family member.

DocuSign Phishing Email Uses Fake Payroll and Retirement Worksheet to Steal Credentials

This payload-based credential phishing attack impersonated DocuSign and requested that recipients review employee payroll and retirement documents contained in an attached HTML file.

Gift Card BEC Attack Impersonates COO to Encourage Employee Performance

This BEC attack impersonated a company COO using a free webmail account registered using the COO’s name to request an employee purchase gift cards to reward employee performance.

Executive Impersonated in Request to Pay Fake New Contractor

This BEC attack impersonated a company executive using a free Estonian email account to request that a payment be sent to a new independent contractor.

Credential Phishing Attack Poses as Executive’s Bonus Document

This payload-based credential phishing attack targeted an executive posing as an attached document needing review before receiving a company bonus.

Vendor Accountant Impersonated to Divert Outstanding Payment Due to COVID-19/Monkeypox Outbreak

This attack impersonates an accountant at a third-party supplier to request an outstanding payment to an alternate account due to a supposed outbreak of COVID-19 and monkeypox.

German-Language Message From “CEO” Attempts to Coerce Fraudulent Payment from CFO

This German-language attack targets a CFO impersonating the company CEO to request internal bank account details and a large outgoing payment.

Microsoft Password Expiration Pretext Used in Credential Phishing Attack

This phishing attack impersonates Microsoft using a password expiration theme to steal credentials via a malicious link.

CEO Impersonated in BEC Attack Requesting List of Pending Legal Settlements

This attack impersonates a company CEO to request a file containing a list of legal settlements that are pending payments.

Swedish Language Attack Requests Payment for an Overdue Invoice via a Fake Email Chain

This Swedish-language BEC attack impersonates a company executive to request payment for an outstanding invoice referenced in a fake email chain.

Australian Tax Office Impersonated in Funds Transfer-themed Phishing Attack

This attack impersonates the Australian Taxation Office with a payment transfer theme and asks the recipient to validate their identity by leading them to a phishing page contained within an HTML attachment.

Wells Fargo Home Mortgage Payoff Quote Contains Credential Phishing Attachment

This attack impersonates Wells Fargo using a spoofed email address and a home mortgage payoff theme to steal credentials via an HTML attachment.

Filters

Attack Type

Impersonated Party

Impersonated Brand

Attack Goal

Attack Vector

Attack Tactic

Attack Theme

Attack Language

AI-Generated