Back to All Attacks
Attack Details
Attack Date:
Apr 18, 2022
OneDrive COVID-19 Employee Incentive Fake Document Credential Phishing Attack
Initial Email Content
Subject
Updated May salary review (Final Post-Covid-19 listing)
Body
Dear [Recipient Username],
As already announced, The year's Wage increase will start in May of 2022
and will be paid out for the first time by August, with recalculation as of May.
View salary-increase-sheet-May-2022.Scan-103500010302022.pdf
You will be informed of the details in advance by letter from the HR department.
regards
[Recipient Domain] Management
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
No items found.
Attack Description
This link-based attack impersonates OneDrive and an employee using a self-addressed spoofed email, a COVID-19 theme, an employee incentive theme, and a fake document theme to steal credentials.
Analysis Overview
Tactic
Self-Addressed Spoofed Email
Goal
Credential Theft
Impersonated Party
Employee - Other
Vector
Link-based
Theme
COVID-19
Employee Incentive
Fake Document
Language