After gaining access to a legitimate account, an attacker attempts payment fraud by requesting ACH transfers instead of payments via check.
Using friendly language and a hidden malicious link, an attacker impersonates Amazon to steal sensitive information.
An attacker likely uses generative AI to create a fake automated USPS message about incorrect address information, including links to a fake USPS landing page.
An attacker offers business financing options and promises commission for all successful referrals using a spoofed address.
An attacker uses generative AI to attempt payment fraud by impersonating an Australian cosmetics brand.
An attacker utilizes a close resemblance freight company DAT One's domain in a credential theft attempt.
An attacker pretends to be from the “Australian Taxation Office” to steal the victim’s login credentials by promising a tax refund.
An AI-generated attack impersonates a debt collector and creates a sense of urgency to attempt to steal personal information.
Attacker impersonates the LinkedIn billing department and references the recent closure of SVB in this likely AI-generated attack.
An attacker uses a generative AI tool to spoof an insurance company, hoping to steal login credentials.
By leveraging urgency, an attacker sends an internal company communication in an attempt to steal credentials.
An attacker impersonates a popular cryptocurrency exchange and creates a fake website to steal login credentials.
An attacker gains access to a compromised account and attempts to redirect large invoices to a new offshore bank.
Using a cleverly disguised no-reply domain, an attacker poses as Apple customer support in an attempt to get billing details and other sensitive information.
An attacker changes one letter of a domain to a similar-looking letter in an attempt to redirect a large invoice.
Using a lookalike domain, an attacker uses conversational language in a fake billing scam.
By removing a single letter in the sending domain to still appear legitimate, an attacker attempts to redirect a large invoice.
After a vendor account is compromised, an attacker references unpaid invoices and utilizes lookalike domains to attempt payment fraud.
An attacker hijacks an email account and communicates with two employees who are unaware the account has been compromised.
This attack uses a compromised vendor account and cc’s lookalike domains in an attempted wire transfer fraud.