Credential Theft

OneDrive

627ad06b4976ab7baf00e84e onedrive20phishing 20220509

627ad06f37ef95ea7bfddc11 onedrive20phishing 20220509b

Spoofed Email Address

Fake Document

Credential Phishing

Link-based

[Recipient Email Domain] Cash Flow Statements has been shared with youHi [Recipient Email Address], Please see the attached Cash Flow Statements icon 	[Recipient Email Domain] Cash Flow Statements.pdf permission globe icon 	This link will work for [Recipient Email Address]. Open‍

Executive Impersonation Payment Fraud BEC Attack

Microsoft Secure Message HTML Attachment Credential Phishing Attack

Spanish Employee Impersonation Payroll Diversion BEC Attack

Instagram Suspended Account Credential Phishing Attack

Homepage

The Abnormal Attack Vault

OneDrive Fake Document Credential Phishing Attack

Breadcrumbs

Discover the tactics, goal, and vector of a real-world email attack blocked by Abnormal Security.

description

https://intelligence.abnormalsecurity.com/attack-vault/onedrive-fake-document-credential-phishing-attack-2

referrer

robots

{"title":{"title":"Abnormal Intelligence | OneDrive Fake Document Credential Phishing…"}}

This link-based attack impersonates OneDrive using a spoofed email address and a fake document theme to steal credentials.

Subscribe to our monthly newsletter to receive the latest insights from our team directly in your inbox.

Abnormal Intelligence Email Subscribe

Top Bar

New BEC Insights from Chris Krebs, Former Director of CISA

OneDrive Fake Document Credential Phishing Attack

Email Content

Subject

Body

Analysis Overview

Type

Vector

Goal

Tactic

Theme

Impersonated Brands