After compromising a known domain, the attacker creates a fake landing page that mimics OpenSea’s official website and leverages social engineering to create a sense of urgency and persuade the target to take action.
Using a real domain as a mask, an attacker sends an image attachment with a QR code to entice the target to follow the link to reauthenticate MFA on a fake landing page.
An attacker gets engagement from the target after discussing an RFQ and uses Microsoft survey forms to create a spoofed SharePoint link to appear legitimate.
In this debt collection scam, the attacker sends a fraudulent final notice for a nonexistent debt and uses social engineering to create a sense of urgency.
After compromising a pro-manchester email account, a threat actor uses Monograph to host a malicious link that sends the target to a fake Microsoft login page.
By creating a sense of urgency around unauthorized account activity and using a display name that includes "Chase Bank," the attacker aims to compel the recipient to take action.
An attacker claims to be from PayPal investigating a fraudulent transaction and requests sensitive information from the target to complete a verification process.
An attacker attempts to create a sense of urgency and compel the target to call a fake customer service number by sending a bogus receipt for a recent iPhone purchase.
Using a “two-bridge[.]com” domain as a mask, an attacker sends a credential phishing email disguised as an HR department update regarding approval of a new company handbook.