After compromising a Titan Worldwide domain, an attacker pastes previous conversations and a masked phishing link into an email in an attempt to steal sensitive information.
An attacker pretends to be from Medicare Australia and informs the recipient that their Medicare services have been suspended due to insufficient contact information.
An attacker creates a domain visually similar to Salesforce [.]com, engages the target, and then forwards the thread to another colleague, heightening the chances of a successful scam.
An attacker uses a legitimate NHS domain and Microsoft SharePoint to trick a recipient into clicking on a masked phishing link and exposing sensitive information.
By creating a sense of urgency around unauthorized account access and using a sending domain that includes "Bank of America," the attacker aims to compel the recipient to take action.
By using a legitimate document-sending service, the attacker is counting on the recipient to engage with the attachment and expose sensitive information.
An attacker attempts credential theft by spoofing the USDA with an official-sounding message and a PDF attachment containing a QR code that leads to a phishing site.
An attacker pretends to be from Spotify’s customer support, inquiring about updating payment details, and creates a legitimate-looking fake Spotify login page where sensitive information can be stolen.
An attacker embeds a malicious link into an image file that looks like a Microsoft Office 365 password change alert and includes official-sounding written disclosures to increase credibility.
Harnessing a legitimate-looking domain as a mask, an attacker attempts to infect a recipient's computer with malware by pretending to send a voicemail attachment.
By leveraging a domain similar to official Robinhood communications, an attacker attempts to steal sensitive information by creating a sense of urgency.