Attack Library
Blank Self-Addressed Spoofed Email Leads to Convincing Credential Phish
A spoofed email impersonates a settlement release in order to trick recipients into opening a phishing attachment.
BEC Gift Card Attack Leverages Foreign Character Substitution to Bypass Defenses
An attacker uses foreign character insertion in the email subject to send a request to connect via phone, likely for the purpose of purchasing gift cards.
Hijacked Email Thread Used to Send Executive Link to Password-Protected Malware
An old email thread is hijacked and used to send a link to likely malware payload.
Fake PayPal Cryptocurrency Payment Receipt Coerces Victims to Make Contact Via Phone
Fake invoice for a cryptocurrency purchase through PayPal is used to get email recipients to reach out via phone and likely download malware.
Impersonation Bypasses Security Controls with a Lookalike Email Address
An attacker posing as a vendor attempts to solicit overdue payments by using a lookalike email address.
Credential Phishing Email Tricks Employees Using Company HR Policy Changes
Attackers impersonate the human resources team to inform employees of salary increases, luring them to follow phishing links.
Payroll Diversion Attack Uses Spoofed Email Address
Attackers ask to update bank account details for an employee, using a spoofed email address to avoid detection.
Adobe Acrobat Secure Fax Link Leads to Dropbox-Hosted Phishing Website
An attacker email containing an image of an Adobe Acrobat fax link leads to a phishing website hosted on Dropbox infrastructure.
Employee Benefits Eligibility Lure Used to Phish for Email Credentials
Attackers impersonate the HR department to deliver an updated Employee Benefits Eligibility Policy as part of a credential phishing attack.
Accounts Payable Impersonated in Malware Delivery Attack
Attackers impersonate Accounts Payable to deliver a payroll remittance attachment that contains malware.
Executive Impersonation Used to Elicit Secrecy in Employee Surprise
Attackers impersonate an executive and rely on human willingness to help in order to request a surprise appreciation gift for the team.
Executive Impersonated in LinkedIn Overdue Payment Request
Attackers impersonate an executive to bolster the validity of a fraudulent invoice in this double-phased attack that requests payment for an overdue invoice.
Dutch Executive Impersonated in Invoice Fraud Attempt
The attacker impersonates a Dutch executive and requests that payment be made now to a company in England.
Executive Impersonated in Payroll Diversion Scheme
Cybercriminals impersonate an executive and target the payroll administrator in an ask to update direct deposit information to a bank account owned by the attacker.
Hijacked Thread Used in Password Protected Malware Attack
This attack uses an ongoing email thread from a compromised vendor and password protected file to evade security solutions and deliver malware.
Call Center Phone Fraud Uses Fake Norton Invoice to Encourage Malware Installation
Increasingly popular, this phone fraud scam tricks recipients into believing that a payment has been made and encourages them to call a number to fix the problem.
DHL Fake Shipping Notification Used in HTML Credential Phishing Attack
Attackers impersonate DHL and ask the recipient to check their shipping documents, hidden behind a fake Microsoft 365 credential phishing page.
Executive Impersonation Used to Steal Aging Reports
Attackers impersonate a VIP within the organization to request an aging report of all outstanding vendor names and invoices.
Paid Invoice Notification Used for Credential Phishing Attack
Attackers use an external compromised vendor account and a receipt confirmation to trick recipients into providing their Microsoft 365 credentials.
Vendor Impersonation Used to Siphon Invoice Payments
Attackers impersonate a vendor by using a lookalike domain, stating that their banking details have changed and all new invoices should be directed to the new account.