Attack Library
Executive Impersonated in Hijacking of Mergers & Acquisitions Transaction
Attackers impersonate the CEO using a spoofed email address to ask the recipient if they have been contacted by an attorney to facilitate an acquisition as the first stage of an attack designed to intercept a transaction.
Generic Email Support Team Impersonated in Password Change Malware Attack
Attackers impersonate a generic support team as part of a multi-stage malware attack, first informing the recipient that their password needs reset and asking them to call for support.
Office 365 Image Evades Text Analysis in Credential Phishing Attack
Attackers rendered an Office 365 email as a single image file with an accompanying credential phishing link wrapping the image.
Extortion Attack on Employees Used in Ploy for Bitcoin Payments
Attackers use a text-based email stating that they have access to the recipient’s personal information, including photos and browser history, stating that it will be deleted in exchange for a bitcoin payment.
Salary Increase Update Sent to Steal Employee Credentials
Attackers impersonate the company payroll department to send a wage update that takes users to a OneDrive phishing page and steals Microsoft 365 credentials.