This phishing attack impersonated FedEx using a fake shipping notification pretext to direct a recipient to a captcha-protected phishing page created to steal personal and financial information using MFA bypass tactics.
This BEC attack impersonated an external factoring company using a free webmail account with a customized impersonation username to request a copy of an updated aging report containing customer payment and contact information.
This payload-based attack posed as a fake incoming ACH payment masked as an automated email from an internal company system, which contained an HTML attachment that led to a branded phishing page intended to steal the recipient’s credentials.
This link-based attack imitated a company human resources email that announced the release of a new employee handbook, which included a link to a phishing page meant to steal an employee’s name and email credentials.
This payload-based phishing attack posed as an announcement from the company human resources team about updates to the company’s employee benefits package and requested the recipient review a supposed updated handbook, which actually opened a phishing page to steal account credentials.
This French-language BEC attack impersonated a company executive using a free webmail account created with a lookalike username to request assistance making a payment that was supposedly part of a corporate acquisition.
This BEC attack impersonated a company CEO using a combination of a spoofed email address and an account hosted on a malicious domain created with a username matching the CEO’s to request a fraudulent payment.