Attack Library
Threat Actor Impersonates Social Security Administration Using Malicious Gmail Account in Vishing Attack
A cybercriminal attempts to manipulate the target into calling a fake contact number for the Office of Inspector General by claiming fraudulent financial activity has been discovered.
Phisher Convincingly Impersonates Adobe Acrobat Sign to Steal Login Credentials
Cybercriminals exploit the urgency of a signature request to trick recipients into visiting a phishing site under the guise of reviewing a confidentiality agreement.
Phishing Attack Exploits Eventbrite Branding to Steal Sensitive Information via Malicious Domain
Cybercriminals impersonate Eventbrite in an urgent email to deceive recipients into verifying account details through a phishing link.
Threat Actors Impersonate OpenSea with Fake Item Sale Notification to Steal Sensitive Information
Cybercriminals exploit the excitement of a successful NFT transaction to trick recipients into visiting a phishing site.
Phishing Attack Impersonates Organ Transplant Organization Employee to Deliver Fake Voicemail
Cybercriminals use compromised email accounts to trick recipients into visiting a phishing site under the guise of a missed voicemail notification
Threat Actor Exploits Fear of a Data Breach to Distribute Malware in Likely AI-Generated Attack
Cybercriminals attempt to convince targets their private data has been compromised in order to trick them into downloading malware from a legitimate file-sharing site.
Attackers Convincingly Impersonate UPS and Use Fake Shipment Notification to Steal Payment Details
Threat actors attempt to deceive targets into providing credit card information under the pretense of fixing a problem with a pending shipment.
Attacker Uses Compromised Email and Legitimate File-Hosting Service in Phishing Attempt
Cybercriminals impersonate a vendor and exploit document sharing to deceive recipients and access confidential data.
Attacker Poses as HR Manager and Attempts Credential Theft via Branded Phishing Page
Using a spoofed email address, the threat actor sends a fake notification regarding employee benefits to compel the target to click on a phishing link.
Attackers Use Compromised Email and Multiple Verification Tests to Disguise Phishing Attempt
Cybercriminals exploit a compromised email address and use a fake document notification to lure recipients into revealing sensitive information.
Likely AI-Generated Phishing Attack Exploits Compromised Email to Impersonate New York State Department of Taxation
Cybercriminals manufacture a sense of urgency with a fake tax violation notice to trick recipients into disclosing sensitive information.
DHL Impersonator Sends Fraudulent Failed Delivery Notification Containing Malicious QR Code
An attacker claims a pending delivery is awaiting address confirmation to deceive the target into visiting a phishing site.
Attacker Sends Bogus Fax Notification Using Spoofed Email to Attempt Credential Theft
Cybercriminals impersonate an internal communication system to trick recipients into visiting a phishing site disguised as a Microsoft Outlook portal.
Cybercriminals Use Look-Alike Domain to Impersonate NFT Marketplace OpenSea and Steal Sensitive Information
Threat actors exploit the appeal of an exclusive financial offer to deceive recipients into compromising their security.
Phisher Impersonates Booking.com to Steal Sensitive Information via Fake Customer Complaint Email
Cybercriminals exploit the trusted name of Booking.com to deceive recipients into entering personal details into a fraudulent login page.
Threat Actor Uses Prezi to Distribute Malware Disguised as Shared Tax Documents
Cybercriminal targets insurance agency with malware attack that exploits legitimate presentation software.
Phisher Impersonates Regions Bank and Sends Fraudulent Account Verification Request in Likely AI-Generated Attack
Cybercriminals create a sense of urgency with a spoofed Regions Bank email, tricking recipients into divulging personal details through a phishing site.
Phishing Attack Exploits Compromised Email to Impersonate Amazon and Steal Sensitive Information
Cybercriminals attempt to manipulate recipients into updating payment details on a fraudulent website by posing as Amazon.
Attackers Pose as American Financial Group and Send Malware Disguised as Password-Protected Zip File
Threat actors exploit the trust in a financial services company to trick recipients into downloading malicious attachments.
Cybercriminals Pose as Capital One Using a Spoofed Email in Credential Phishing Attack
A threat actor sends a fraudulent account alert linked to a phishing website to deceive recipients into revealing confidential information.