Unique Email Attacks of the Week: August 21, 2023
Abnormal Intelligence provides unique insights about today’s modern email attacks so you can best prepare your organization. Here are eight attacks that we have recently observed.
Featured Attack
Compromised Account Used in Attempt to Siphon Nearly $4M Worth of Invoices
Abnormal recently detected an attack in which the threat actor, who poses as “Jamie,” gains access to a compromised account and asks for a stop in further remittance plus a change of banking details after a "bounced check" caused account restrictions. The attacker informs the recipient to use a new offshore bank and asks that the finance department be updated. The attacker shares a list of invoices that total nearly $4,000,000. Since the attacker has access to the compromised account, they CC two look-alike domains, "rightrich.com," to stay connected to the thread should any suspicions arise.?
AI-Generated Credential Theft Attempted via Internal Company Impersonation
By leveraging urgency, an attacker sends an internal company communication in an attempt to steal credentials.
Sophisticated USPS Impersonator Attempts Credential Theft in Multi-Layered Attack
An attacker likely uses generative AI to create a fake automated USPS message about incorrect address information, including links to a fake USPS landing page.
Lookalike Domain with Single Letter Change Used for $82,000 Invoice Fraud
An attacker changes one letter of a domain to a similar-looking letter in an attempt to redirect a large invoice.
领英推荐
Attacker Impersonates Apple to Request Billing Details
Using a cleverly disguised no-reply domain, an attacker poses as Apple customer support in an attempt to get billing details and other sensitive information.
Kraken Exchange Spoofer Attempts to Steal Login Information
An attacker impersonates a popular cryptocurrency exchange and creates a fake website to steal login credentials.
Australian Government Spoofer Promises Tax Refund in Likely AI-Generated Credential Theft
An attacker pretends to be from the “Australian Taxation Office” to steal the victim’s login credentials by promising a tax refund.
Investment Opportunity Spoofer Offers Financial Services in Likely AI-Generated Scam
An attacker offers business financing options and promises commission for all successful referrals using a spoofed address.
For more unique attacks, visit the?Attack Library?
For more attack insights and threat research, visit?Abnormal Intelligence
Product Marketing | Cybersecurity | Entro Security ?
1 年Noice