Attack Vault
The Attack Vault contains samples of email-based cyber attacks targeting enterprise users, including business email compromise (BEC) attacks, financial supply chain fraud, credential phishing, malware attacks, and other types of scams. The email subject and body content of these samples can be searched and the repository can be filtered based on specific characteristics using the options below.
This collection of attack samples is not meant to be a comprehensive repository of all email-based threats. Rather, the Attack Vault contains a cross-section of various types of cyber threats--each containing a unique combination of tactics, themes, and/or content--to provide a general overview of some of the more notable attacks observed in today's email threat landscape.
Good evening
Right here I direct you all the necessary records regarding our soon meeting, right as we revealed recently. Please review the аll required data here:
hXXps://furatfashionstudio[.]co[.]in/aeu/cuteototeenrsvercnin
File password: U523
[Hijacked threat content]
Fake Document Link-based Malware Attack
This link-based attack uses a hijacked email thread and a fake document theme to deliver malware.
[Image with text content]
Thank you!
Norton Fake Payment Receipt Fake Billing Scam
This text-based fake billing scam impersonates Norton using a content obfuscation via image and a fake payment receipt theme.
Hi,
Please find attached your Shipping documents.
Kindly do the needful.
Regards,
[Third Party Employee Name]
Coordinator, Shipment Office
DHL Express (AE) LLC
DHL Fake Shipping Notification HTML Attachment Credential Phishing Attack
This payload-based attack impersonates DHL using a free webmail account and a fake shipping notification theme to steal credentials.
Hoi [Recipient First Name]
Wat is je telefoon nummer? Uw aandacht is nodig om meteen een taak voor mij af te handelen.
Vriendelijke groeten,
Bedankt.
Verzonden vanaf mijn mobiele apparaat.
Kind Regards
Dutch Executive Impersonation Gift Card Request BEC Attack
This text-based Dutch-language BEC attack impersonates an executive using a personalized email subject, a cell phone number request, a spoofed display name, and a free webmail account to request the purchase of gift cards.
[Target Company Name] Verification Expires 01 July, 2022
Hi [Recipient Username],
Your password for your email account [Recipient Email Address] will expire on 01 July, 2022.
To continue using your account [Recipient Email Address] Please reconfirm account ownership below.
Reconfirm Password
[Target Company Name] Mail Team
Message securely sent to [Recipient Email Address], please ignore if wrongly received.
Expired Account Credential Phishing Attack
This link-based attack uses a personalized email subject, a maliciously registered domain, and an expired account theme to steal credentials.
[Recipient First Name],
Need you to initiate a wire transfer today, how soon can you get this done
So i can send the information required
Regards
[Executive Name]
Sent from my iPhone
Executive Impersonation Payment Fraud BEC Attack
This text-based BEC attack impersonates an executive using a spoofed email address, a matching malicious domain username, and a maliciously registered domain to request a fraudulent payment.
[Recipient First Name],
I need your help to resolve an urgent matter by the close of business today.
Please let me know your available time slots for a conference call later today and the number to reach you at.
Thanks,
[Executive First Name]
Sent from my iPhone
Executive Impersonation Payment Fraud BEC Attack
This text-based BEC attack impersonates an executive using a spoofed email address and a maliciously registered domain to request a fraudulent payment.
Hast du eine Minute ?
Ich brauche Sie, um eine Aufgabe für mich zu erledigen, wenn Sie verfügbar sind.
Gesendet von einem drahtlosen 5G-Gerät
German Executive Impersonation Gift Card Request BEC Attack
This text-based German-language BEC attack impersonates an executive using a spoofed display name and a free webmail account to request the purchase of gift cards.
Hei [Recipient First Name],
Oletko käytettävissä juuri nyt? Minulla on tänään pari kokousta koko
päivän, ja sinun on suoritettava minulle henkilökohtaisesti tehtävä
mahdollisimman pian. Joten olisin kiitollinen nopeasta
sähköpostivastauksesta.
Parhain terveisin,
[Executive First Name].
Lähetetty iPhonestani
Finnish Executive Impersonation Gift Card Request BEC Attack
This text-based Finnish-language BEC attack impersonates an executive using a personalized email subject, an external compromised account, and a spoofed display name to request the purchase of gift cards.
Hi [Recipient First Name],
Can you set up a faster payment for the overdue attached invoice?
It needs to be paid immediately.
Kindly Advise.
Thanks.
[Executive Name]
[Executive Title]
Executive Impersonation Overdue Payment Payment Fraud BEC Attack
This text-based BEC attack impersonates an executive using a spoofed display name, a free webmail account, and an overdue payment theme to request a fraudulent payment.
