Back to All Attacks
Attack Details
Attack Date:
Apr 7, 2022

First American Title Fake Document Credential Phishing Attack

Initial Email Content

Subject
(CLEAR TO CLOSE) DRAFT CD / Fraud Instructions and Wire Instructions - (Closing 04/08)
Body

Do not reply to this notifications message: Security system auto generate this email.

Open to Review CD

Congratulations on the final steps on closing, Attached is an updated closing statement

and other closing file needed at the closing ( FINAL CD & WIRING INSTRUCTIONS) are a

attached below for your review.

In an effort to limit the spread of Covid-19, we ask for your cooperation in keeping our employees and community safe.  
Please alert us immediately if you are feeling ill so other arrangements can be made for closing. In addition, we ask that non-essential visitors refrain from attending closings.

Attack Screenshots

No items found.

Malicious Artifacts

Additional Indicators of Compromise

Type

Description

No items found.

Attack Description

This link-based attack impersonates First American Title using email spoofing and a fake document theme to steal credentials.

Analysis Overview

Tactic
Spoofed Email Address
Goal
Credential Theft
Impersonated Party
Vector
Link-based
Theme
Fake Document
Language