Unique Email Attacks of the Week: January 29, 2023
Abnormal Intelligence provides unique insights about today’s modern email attacks so you can best prepare your organization. Here are six attacks that we observed over the last week.
Fake Billing Scam Leverages Look-alike Domain to Send Fraudulent $1,000,000 Invoice
Using a look-alike domain, an attacker impersonates a vendor and sends a remittance request for a fake invoice totaling nearly $1,000,000. Read more.
Attacker Provides Bogus Contact Info to Boost Credibility in Fake Loan Offer Scam Targeting Students
After spoofing a legitimate email address, a threat actor sends university students a fraudulent offer for loan services and includes seemingly accurate contact information. Read more.
Disney Impersonator Creates Multi-Stage Vishing and Fake Billing Scam Attack Using Personalized Attachments
An attacker uses a look-alike domain and Disney branding to trick a target into calling a fake customer service phone number related to a new Disney subscription. Read more.
DHL Impersonator Spoofs Legitimate Domain to Send Fake Failed Shipment Notification in Phishing Attack
An attacker attempts to steal sensitive information by encouraging the recipient to use a masked phishing link to update their shipping address for a pending delivery. Read more.
University HR Admin Impersonator Uses QR Code and Fake Microsoft Login Page in Credential Theft Attempt
Using official-sounding language, university branding, and a believable premise, an attacker attempts to steal sensitive information. Read more.
Attacker Compromises Legitimate Account and Embeds Phishing Link in Fake QuickBooks Payment Notification
Using a compromised email address, the threat actor sends a purposefully vague payment confirmation with an embedded phishing link. Read more.
For more unique attacks, visit the Attack Library
For more attack insights and threat research, visit Abnormal Intelligence