Personalized Email Subject
Self-Addressed Spoofed Email
Personalized Email Subject
Fake Document
Fake Document
Back to All Attacks
Attack Details
Attack Date:
May 10, 2022

SharePoint Fake Document Credential Phishing Attack

Initial Email Content

Subject
[Recipient Company Name] Building Project Documents
Body

You've received a new SharePoint Project Document:

Project     [Recipient Company Name] Building Project

Title     [Recipient Company Name] Building Project Documents

Bid No.     1232-05102022

From     [Recipient Name]   ([Recipient Email Address])

Subject     Bid Documents, Drawing, Scope of Work and Purchase Order

VIEW SHAREPOINT PROJECT DOCUMENTS

Do not hesitate to send me an email if you have any question.

Please find attached project documents to bid for the above referenced project. Review the documents, send back requested information, and provide bid proposal or quotes based on the scope of work outlined in the bid documents.

Thanks,

Thank you

Attack Screenshots

No items found.
No items found.

Malicious Artifacts

Additional Indicators of Compromise

Type

Description

No items found.

Attack Description

This link-based attack impersonates SharePoint using a self-addressed spoofed email address, a personalized subject, and a fake document theme to steal credentials.

Analysis Overview

Type
Credential Phishing
Tactic
Personalized Email Subject
Self-Addressed Spoofed Email
Goal
Credential Theft
Impersonated Party
Vector
Link-based
Theme
Fake Document
Language