Search the repository of unique attacks observed by the Abnormal Intelligence team.

Threat Actor Impersonates IRS and Manufactures Urgency in Likely AI-Generated Phishing Attack

An attacker poses as the IRS and claims there's an issue with the target's tax return to deceive them into revealing private information.

Threat Actor Hijacks Conversation Using Look-alike Domain in Attempt to Divert $17M Wire Transfer

Posing as a vendor, an attacker inserts themselves into an existing email thread and tries to redirect the payment for a multi-million dollar invoice.

Attacker Attempts to Stealthily Divert $1.4M AUD Using Look-alike Domain and Email Hijacking

By exploiting existing email conversations and using a look-alike domain, a threat actor attempts to compel a target to transfer funds to an account controlled by the attacker.

Meta Impersonator Exploits Legitimate Domain in Fake Account Deletion Notification to Steal Credentials

In this likely AI-generated attack, a threat actor poses as a Meta representative and uses a link hosted on a legitimate domain as the first step in a phishing attempt.

Threat Actor Convincingly Impersonates FedEx in Likely AI-Generated Credential Phishing Attack

An attacker incorporates FedEx branding into a fake notification of a pending package to trick a target into providing sensitive information.

Attacker Impersonates HR and Sends Bogus Employee Assessment Notification in Phishing Attempt

Using a spoofed email address, a threat actor poses as the target company's HR team and manufactures a sense of urgency to manipulate the recipient into visiting a phishing page.

Threat Actor Compromises Faculty Email to Phish University VIP in Likely AI-Generated Attack

After compromising a legitimate email account, an attacker attempts credential theft by inviting a target to apply for an employee benefits program.

Wells Fargo Impersonator Manufactures Urgency to Prompt Quick Action in Vishing Attempt

An attacker poses as the Wells Fargo fraud department and exploits the target's fear of losing access to their bank account to compel them to call a vishing number.

Threat Actor Uses Compromised Email to Target Internal Employees in Credential Phishing Attempt

After compromising an email address, an attacker sends fellow employees a fake document notification that links to a Webflow-hosted fake Microsoft login page designed to steal credentials.

School District Administrative Assistant Impersonator Compromises Email to Attempt Credential Theft

After compromising a vendor’s email address, an attacker crafts a fake document notification that links to a Webflow-hosted fake Microsoft login page designed to steal credentials.

Multi-Step Credential Phishing and Malware Attack Utilizes Canva and Fake Microsoft Login Page

After compromising a legitimate email account, an attacker uses Canva to host a malicious redirect link before impersonating Microsoft to gain access to a target’s environment and install malware.

Attacker Compromises Attorney’s Account and Creates Spoofed SharePoint Landing Page in Credential Theft Attempt

Using the compromised account of a real attorney, an attacker emails the target regarding outstanding invoices with a link to a fake SharePoint landing page.

Microsoft OneDrive Impersonator Spoofs Outlook Email and Creates Fake Login Page in Credential Phishing Attempt

After spoofing one of Microsoft’s real no-reply emails, an attacker sends an identical imitation of a OneDrive notification regarding recently deleted files, urging the target to take action.

Attacker Impersonates Cryptocurrency Service in Likely AI-Generated, Multi-Step Credential Theft Attempt

An attacker impersonates payment solutions provider Wirex using a convincing account verification email and branded phishing page to steal login credentials.

Multi-Step Vishing Attempt Features Impersonation of PayPal and McAfee

After spoofing a PayPal customer service email, an attacker sends a fraudulent notification regarding a bogus McAfee charge to compel the target to call a fake support center and cancel the transaction.

Likely AI-Generated Coinbase Impersonator Creates Fake Landing Page in Multi-Step Credential Phishing Attack

By mimicking Coinbase’s branding in both the email and landing page, an attacker attempts to create a sense of urgency around suspicious account activity and prompt immediate action from the target.

Attacker Exploits Google Sites and Uses Compromised Vendor Account to Spoof Docusign in Phishing Attempt

Leveraging a compromised external vendor account, an attacker sends a fake Docusign notification linked to a Google Sites page containing a phishing link to steal sensitive information.

DocuSign Impersonator Sends Bogus Tax-Related Email to Lure Target to Credential Phishing Website

By posing as a trusted brand and manufacturing a sense of urgency, an attacker hopes to deceive a target into providing sensitive information.

Threat Actor Convincingly Impersonates Employee Requesting Direct Deposit Update in Likely AI-Generated Attack

The attacker uses a Gmail account to send an email free of grammatical errors and with no malicious payloads to attempt payroll diversion.

Attacker Leverages Stealthy Lookalike Domain in Cunning $36 Million Invoice Fraud Attempt

Using a lookalike domain with a .cam suffix instead of .com, an attacker attempts to redirect a massive loan payment to a fraudulent LLC.
