Unique Email Attacks of the Week: December 18, 2023
Abnormal Intelligence provides unique insights about today’s modern email attacks so you can best prepare your organization. Here is a collection of attacks that we observed over the last month.
Featured Attack
Uncovering AI-Generated Email Attacks: Real-World Examples from 2023
The past year witnessed revolutionary advancements in the field of generative AI, with the launch of tools like ChatGPT. The unfortunate news is that the accessibility of generative AI has also created opportunities for cybercriminals to exploit the technology to create sophisticated cyberthreats, often with email as the first attack vector.
To illustrate how AI is being weaponized, we’ve collected real-world examples of likely AI-generated malicious emails our customers have received in the last year.
Cleverly Designed Credential Phishing Attempt Impersonates Microsoft and Utilizes Authentic-Looking Fake Landing Page
Using a real domain as a mask, an attacker sends an image attachment with a QR code to entice the target to follow the link to reauthenticate MFA on a fake landing page.
Attacker Exploits Trusted Brands and Impersonates Financial Services Provider to Attempt Credential Phishing
In this credential phishing attack, the threat actor sends a fake invoice payment confirmation with a phishing link obscured using a URL shortener.
AT&T Mail Impersonator Uses Google Slides to Mask Link to Phishing Site Disguised as Login Page
A threat actor sends an account expiration notification with a link to a Google Slides presentation containing an embedded phishing link.
Attacker Compromises New Jersey Department of Health Email Account and Sends Fake Document with Masked Phishing Link
After compromising the account, an attacker creates a fake document purporting to be a faxed invoice that includes a masked phishing link.
PayPal Impersonator Uses PandaDoc to Send Fake Document in Credential Theft Attempt
An attacker claims to be from PayPal investigating a fraudulent transaction and requests sensitive information from the target to complete a verification process.
Recommended by LinkedIn
Trust Wallet Impersonator Combines Email Spoofing and Social Engineering in Credential Phishing Attack
An attacker attempts credential theft by impersonating Trust Wallet and sending a phishing link disguised as an account verification page.
Likely AI-Generated Credential Vishing Attack Features Impersonation of Walmart
An attacker attempts to create a sense of urgency and compel the target to call a fake customer service number by sending a bogus receipt for a recent iPhone purchase.
HR Impersonator Spoofs Healthcare Advisory Company to Attempt Credential Theft
Using a “two-bridge[.]com” domain as a mask, an attacker sends a credential phishing email disguised as an HR department update regarding approval of a new company handbook.
UPS Impersonator Uses Compromised Account in Credential Phishing Attempt
After compromising a legitimate domain, an attacker impersonates UPS and asks the recipient to verify shipping information via a phishing link.
Attacker Uses Adobe Acrobat’s File Sharing System in Cleverly Designed Credential Theft Attempt
After compromising the email account of a Vanguard Cleaning Systems employee, an attacker creates a legitimate-looking PDF with a masked phishing link to steal credentials.
For more unique attacks, visit the Attack Library
For more attack insights and threat research, visit Abnormal Intelligence