Attack Library
American Express Impersonator Uses Verification Request to Steal Data in Likely AI-Generated Phishing Attack
Cybercriminals pose as American Express, and attempt to deceive recipients into providing sensitive information.
Etsy Impersonators Use Policy Violation Alert to Attempt Sensitive Data Theft in Likely AI-Generated Attack
Threat actors pose as Etsy and claim the target’s account has been suspended to deceive them into providing private information.
Fake Netflix Billing Alert Exploits Urgency to Steal User Information
Phishing attack uses a lookalike domain to impersonate Netflix and harvest login credentials and payment details.
Attackers Impersonate Apple in Likely AI-Generated Gift Card Scam
Threat actors pose as Apple and send a suspicious account activity alert with a request for verification to deceive targets into sending gift card details.
Corrupted Word Attachment Uses QR Code to Bypass Scanners and Phish Microsoft 365 Credentials
A phishing campaign uses intentionally corrupted Word documents with embedded QR codes to bypass scanners and steal Microsoft 365 credentials.
Adobe Creative Cloud Phishing Attack Delivers Fake Microsoft 365 Login Page
Threat actors use Adobe Creative Cloud to host a phishing document with a link to a spoofed Microsoft 365 login page protected by a Cloudflare Turnstile.
Executive Impersonation BEC Attack Targets Customer Payment Records
An attacker impersonates C-suite executives to trick employees into sharing sensitive financial information—no links, no attachments, just trust exploited.
Internal Account Takeover Leads to Lateral Phishing via Wix-Hosted Data Collection Form
An attacker uses a compromised internal account to send a link to a Wix-hosted form that harvests sensitive information from coworkers.
Phishing Attack Mimics Microsoft Teams Alert to Steal Sensitive Information
Cybercriminals use a spoofed address to send a fake message notification designed to trick recipients into revealing private information.
Spoofed DHL Email with Malicious QR Code Targets Recipients in Likely AI-Generated Credential Theft Attempt
Attackers impersonate DHL and email a PDF attachment containing a malicious QR code linked to a phishing page.
Spoofed Capital One Email Uses Account Freeze Alert to Steal Credentials
Phishing attack exploits urgency and trust to deceive recipients into revealing sensitive information.
Fake Shopify Deactivation Notice Exploits Telegram to Harvest Sensitive Information in Likely AI-Generated Attack
Cybercriminals impersonate Shopify to mislead recipients into engaging with a fraudulent Telegram support account.
Attacker Impersonates Australia Post Using Spoofed Address and Sends Bogus Delivery Alert to Attempt Credential Theft
Utilizing a spoofed sender address that closely resembles a legitimate email address, a threat actor hopes to trick targets into divulging private information.
DHL Impersonator Uses Spoofed Email and Microsoft CAPTCHA to Trick Targets in Phishing Attack
Threat actors hope to deceive recipients into revealing sensitive information by leveraging mimicked branding and spoofed versions of familiar security mechanisms.
Cybercriminals Send Bogus Microsoft Email System Update Alert in Likely AI-Generated Phishing Attack
Threat actors impersonate Microsoft and use a fake notification regarding a critical error to deceive targets into revealing sensitive information.
Phishers Pose as Amazon and Use Fraudulent Payment Alert to Steal Sensitive Information
Attackers impersonate Amazon and claim there is an issue with the target’s Prime account in hopes of deceiving them into revealing private data.
Netflix Impersonator Attempts Credential Theft in Likely AI-Generated Phishing Attack
Utilizing a look-alike domain and mimicked branding, threat actors hope to deceive targets into revealing sensitive information.
HTML Attachment Renders Local Phishing Page and Exfiltrates Credentials via Telegram
This phishing attack uses an HTML attachment to render a local sign-in page, steals credentials, and exfiltrates them via Telegram API.
Attacker Impersonates Instagram and Uses Fake Verified Badge Notification to Steal Credentials
Cybercriminals mimic Instagram and Meta branding in a malicious email and spoofed login portal in this phishing attack.
Threat Actors Exploit Docusign to Share Link to Spoofed Microsoft Login and Steal Credentials
An attacker uses Docusign to share a document containing a malicious link hidden behind a Cloudflare Turnstile.