Fake Invoice HTML Attachment Credential Phishing Attack
Initial Email Content
Dear [Recipient Username]
York University has issued payment of $1348.71 in settlement of the item(s) listed in the attached remittance advice. The amount will be deposited into your bank account within two business days.
Disclaimer Notice:
This email and any attachments may contain confidential and privileged information. If you are not the intended recipient, please notify the sender immediately by return email, delete this email, and destroy any
copies. Any dissemination or use of this information by a person other than the intended recipient is unauthorized and may be illegal.
*************************************************************************
Avertissement:
Ce courriel, ainsi que toutes les pièces jointes, peuvent contenir des informations confidentielles et privilégiées. Si vous n'êtes pas le destinataire voulu, veuillez en informer l'expéditeur immédiatement en
lui retournant le courriel, et détruisez le ainsi que toutes les copies. La diffusion ou l'utilisation de cette information par une personne autre que le destinataire voulu est non autorisée et peut être illégale.
Attack Screenshots
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
Attack Description
This payload-based attack impersonates an external third party using an HTML attachment and fake invoice theme to steal credentials.