This attack impersonates the Australian Taxation Office with a payment transfer theme and asks the recipient to validate their identity by leading them to a phishing page contained within an HTML attachment.
This attack impersonates Wells Fargo using a spoofed email address and a home mortgage payoff theme to steal credentials via an HTML attachment.
A spoofed email impersonates a settlement release in order to trick recipients into opening a phishing attachment.
An attacker uses foreign character insertion in the email subject to send a request to connect via phone, likely for the purpose of purchasing gift cards.
An old email thread is hijacked and used to send a link to likely malware payload.
Fake invoice for a cryptocurrency purchase through PayPal is used to get email recipients to reach out via phone and likely download malware.
An attacker posing as a vendor attempts to solicit overdue payments by using a lookalike email address.
Attackers impersonate the human resources team to inform employees of salary increases, luring them to follow phishing links.
Attackers ask to update bank account details for an employee, using a spoofed email address to avoid detection.
An attacker email containing an image of an Adobe Acrobat fax link leads to a phishing website hosted on Dropbox infrastructure.
Attackers impersonate the HR department to deliver an updated Employee Benefits Eligibility Policy as part of a credential phishing attack.
Attackers impersonate Accounts Payable to deliver a payroll remittance attachment that contains malware.
Attackers impersonate an executive and rely on human willingness to help in order to request a surprise appreciation gift for the team.
Attackers impersonate an executive to bolster the validity of a fraudulent invoice in this double-phased attack that requests payment for an overdue invoice.
The attacker impersonates a Dutch executive and requests that payment be made now to a company in England.
Cybercriminals impersonate an executive and target the payroll administrator in an ask to update direct deposit information to a bank account owned by the attacker.
Attackers impersonate a VIP within the organization to request an aging report of all outstanding vendor names and invoices.
Attackers impersonate DHL and ask the recipient to check their shipping documents, hidden behind a fake Microsoft 365 credential phishing page.
Increasingly popular, this phone fraud scam tricks recipients into believing that a payment has been made and encourages them to call a number to fix the problem.
This attack uses an ongoing email thread from a compromised vendor and password protected file to evade security solutions and deliver malware.