What is emailsecurity.org?
Emailsecurity.org was created as a resource for the cybersecurity community to provide a centralized, marketing-free location for information about email-based phishing attacks. The site is maintained by Abnormal Security, but contains attack samples and intelligence reports from various sources in the private sector, public sector, law enforcement, and academia.
Attack Vault
Executive Impersonation Overdue Payment Legal Matter Payment Fraud BEC Attack
This text-based BEC attack impersonates an executive using a fake email chain, a spoofed email address, a matching malicious domain username, an overdue payment theme, and a legal matter theme to request a fraudulent payment.
Executive Impersonation Overdue Payment Payment Fraud BEC Attack
This text-based BEC attack impersonates an executive using a fake email chain, a maliciously registered domain, a spoofed display name, and an overdue payment theme to request a fraudulent payment.
Executive Impersonation Aging Report Theft BEC Attack
This text-based BEC attack impersonates an executive using a spoofed display name and a free webmail account to request a copy of an aging report.
Executive Impersonation Payroll Diversion BEC Attack
This text-based BEC attack impersonates an executive using a matching free webmail username and a spoofed display name to divert payroll deposits to a fraudulent account.
Dutch Executive Impersonation Payment Fraud BEC Attack
This text-based Dutch-language BEC attack impersonates an executive using a personalized email subject, a spoofed display name, and a free webmail account to request a fraudulent payment.