What is emailsecurity.org?

Emailsecurity.org was created as a resource for the cybersecurity community to provide a centralized, marketing-free location for information about email-based phishing attacks. The site is maintained by Abnormal Security, but contains attack samples and intelligence reports from various sources in the private sector, public sector, law enforcement, and academia.

Recent Entries

Attack Vault

See all Attacks

Executive Impersonation Employee Incentive Gift Card Request BEC Attack

Subject:
"
routine ­­staff appreciation
"
Attack Date:
June 29, 2022

This text-based BEC attack impersonates an executive using a spoofed display name, a free webmail account, and an employee incentive theme to request the purchase of gift cards.

Type:
Business Email Compromise
Theme(s):
Employee Incentive
...
Tactic(s):
...
Vector:
Text-based
Goal:
Gift Card Request
Language:
Impersonated Party:
Employee - Executive
Impersonated Party:
Attachment Type:
See Attack Details

Vendor Impersonation Overdue Payment BEC Attack

Subject:
"
RE: FW: [Hijacked Thread Subject]
"
Attack Date:
June 29, 2022

This text-based BEC attack impersonates a vendor/supplier using a hijacked email thread, a look-alike domain, a matching malicious domain username, and an overdue payment theme to request a fraudulent payment.

Type:
Business Email Compromise
Theme(s):
Overdue Payment
...
Tactic(s):
...
Vector:
Text-based
Goal:
Payment Fraud
Language:
Impersonated Party:
External Party - Vendor/Supplier
Impersonated Party:
Attachment Type:
See Attack Details

Dutch Executive Impersonation Payment Fraud BEC Attack

Subject:
"
[Recipient First Name]
"
Attack Date:
June 29, 2022

This text-based Dutch-language BEC attack impersonates an executive using a personalized email subject, a spoofed display name, and a free webmail account to request a fraudulent payment.

Type:
Business Email Compromise
Theme(s):
No items found.
...
Tactic(s):
...
Vector:
Text-based
Goal:
Payment Fraud
Language:
Dutch
Impersonated Party:
Employee - Executive
Impersonated Party:
Attachment Type:
See Attack Details

Executive Impersonation Payroll Diversion BEC Attack

Subject:
"
Update Payroll Account
"
Attack Date:
June 29, 2022

This text-based BEC attack impersonates an executive using a matching free webmail username and a spoofed display name to divert payroll deposits to a fraudulent account.

Type:
Business Email Compromise
Theme(s):
No items found.
...
Tactic(s):
...
Vector:
Text-based
Goal:
Payroll Diversion
Language:
Impersonated Party:
Employee - Executive
Impersonated Party:
Attachment Type:
See Attack Details

Executive Impersonation Aging Report Theft BEC Attack

Subject:
"
Status of Payment
"
Attack Date:
June 29, 2022

This text-based BEC attack impersonates an executive using a spoofed display name and a free webmail account to request a copy of an aging report.

Type:
Business Email Compromise
Theme(s):
No items found.
...
Tactic(s):
...
Vector:
Text-based
Goal:
Aging Report Theft
Language:
Impersonated Party:
Employee - Executive
Impersonated Party:
Attachment Type:
See Attack Details