Back to All Attacks
Attack Details
Attack Date:
Apr 29, 2022
Microsoft Employee Incentive Fake Document Credential Phishing Attack
Initial Email Content
Subject
Folder "[company]/Bonus payments 2022" has been shared with you.
Body
HR@[Recipient Company Domain] shared a folder with you.
Please upload your documents in the bonus folder for 2022. .
Bonus Payments 2022
This link will work for [Recipient Email Address]..
Open
Attack Screenshots
No items found.
No items found.
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
No items found.
Attack Description
This link-based attack impersonates Microsoft using email spoofing, an employee incentive theme, and a fake document theme to steal credentials.
Analysis Overview
Tactic
Spoofed Email Address
Goal
Credential Theft
Impersonated Party
Vector
Link-based
Theme
Employee Incentive
Fake Document
Language