Filters
Reset
Attack Type
Attack Vector
Attack Goal
Attack Tactic
Impersonated Party
Attachment Type
Language
Theme
Impersonated Brand
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Attack Vault

Showing
X
results

The Attack Vault contains samples of email-based cyber attacks targeting enterprise users, including business email compromise (BEC) attacks, financial supply chain fraud, credential phishing, malware attacks, and other types of scams. The email subject and body content of these samples can be searched and the repository can be filtered based on specific characteristics using the options below.

This collection of attack samples is not meant to be a comprehensive repository of all email-based threats. Rather, the Attack Vault contains a cross-section of various types of cyber threats--each containing a unique combination of tactics, themes, and/or content--to provide a general overview of some of the more notable attacks observed in today's email threat landscape.

Hi [Recipient First Name]

Do we incur extra charges to process a Wire transfer same day?

Thanks.

Executive Impersonation Payment Fraud BEC Attack

Subject:
"
Fedwire
"
Attack Date:
February 24, 2022

This text-based BEC attack impersonates an executive using display name spoofing and a maliciously registered domain to request a fraudulent payment.

No items found.
Type:
Business Email Compromise
Theme(s):
...
Tactic(s):
...
Vector:
Text-based
Goal:
Payment Fraud
Impersonated Party:
Employee - Executive
Impersonated Brand:
Attachment Type:
Language:
See Attack Details

Transaction ID: TX98230HG8

You just sent a payment.

Dear Customer,

Thanks for using PayPal. It may take a few moments for this transaction to appear in your account.

Merchant                                                                                                                                                                                                                            Note to Seller

[Name],                                                                                                                                                                                                      you haven’t sent a note.

[Email Address

Shipping Address                                                                                                                                                                             Total:                     $279.99 USD

NY, United States

                                                                                                                                                                                                    Payment:                     $279.99 USD

                                                                                                                                                                   Payment sent to [Name]

This email was sent by an automated system, so if you reply, nobody will see it. To get in touch with us, log in your account and click to “Contact us” at the bottom of any page.

Sincerely,

PayPal

1-877-287-3224

PayPal Fake Billing Scam

Subject:
"
Billing Team
"
Attack Date:
February 23, 2022

This text-based fake billing scam impersonates PayPal using a fake payment theme.

No items found.
Type:
Fake Billing Scam
Theme(s):
...
Tactic(s):
...
Vector:
Text-based
Goal:
Impersonated Party:
Impersonated Brand:
PayPal
Attachment Type:
Language:
See Attack Details

Invoice Date: Feb 23rd, 2022
Invoice No: 23BBEFF36SGY-07394

Hello [Recipient Email Address],

Thank you for your order. Please keep this invoice for your records


Item Qty Unit Price   Sub-Total
Celestron - 114LCM Computerized Newtonian Telescope 1 $439.95 $439.95 USD
Total  
$439.95 USD
Payment  
$439.95 USD

You can view your order at any time from the order page or contact us at +1 321 587 6301

Amount in Words
Four Hundred Thirty Nine

For Amazon:
Authorized Signatory


*Please do not reply to this email. This mailbox is not monitored and you will not receive a response. For assistance, log in to your account and click Help in the top right corner of any page.

Amazon Fake Billing Scam

Subject:
"
Amazon Invoice/ Cash Memo (Original For Recipient)
"
Attack Date:
February 23, 2022

This text-based fake billing scam impersonates Amazon using a fake payment receipt theme.

No items found.
Type:
Fake Billing Scam
Theme(s):
...
Tactic(s):
...
Vector:
Text-based
Goal:
Impersonated Party:
Impersonated Brand:
Amazon
Attachment Type:
Language:
See Attack Details

Hi [First Name],

I have changed my bank details and I’ll appreciate if you could send me the DD Auth form.  Alternatively, may I send you my new banking details for you to help effect the DD change from your end to avoid mistakes.I need your prompt assistance in this regard.

Thank you.

[Executive Name]

Executive Impersonation Payroll Diversion BEC Attack

Subject:
"
CHANGE DD
"
Attack Date:
February 22, 2022

This text-based business email compromise attack impersonates an executive using display name impersonation with the goal of diverting payroll information.

No items found.
Type:
Business Email Compromise
Theme(s):
...
Tactic(s):
...
Vector:
Text-based
Goal:
Payroll Diversion
Impersonated Party:
Employee - Executive
Impersonated Brand:
Attachment Type:
Language:
See Attack Details

Hello ,


          I have recently changed banks and like to have my direct deposit changed to my new account, my previous account on file will be inactive in 10 days, Can you get this done with my VOIDED check? I need your prompt assistance on this.


Regards

Executive Impersonation Payroll Diversion BEC Attack

Subject:
"
Payroll
"
Attack Date:
January 27, 2022

This text-based BEC attack impersonates an executive using display name spoofing and a compromised external account to divert payroll deposits to a fraudulent account.

No items found.
Type:
Business Email Compromise
Theme(s):
...
Tactic(s):
...
Vector:
Text-based
Goal:
Payroll Diversion
Impersonated Party:
Employee - Executive
Impersonated Brand:
Attachment Type:
Language:
See Attack Details

Hi [Target First Name],

Can you mail out an overnight check to a vendor for me today? Please advise.

Regards,
[Executive Name]

Executive Impersonation Payment Fraud BEC Attack

Subject:
"
Thursday,Jenuary 06, 2022
"
Attack Date:
January 6, 2022

This text-based BEC attack impersonates an executive using display name spoofing and a free webmail account to request a fraudulent payment.

No items found.
Type:
Business Email Compromise
Theme(s):
...
Tactic(s):
...
Vector:
Text-based
Goal:
Payment Fraud
Impersonated Party:
Employee - Executive
Impersonated Brand:
Attachment Type:
Language:
See Attack Details

Whoops.. There are no results found.