open-menu
closeme
Attachment: HTML smuggling 'body onload' linking to suspicious destination
calendar
Sep 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: HTML smuggling with decimal encoding
calendar
Sep 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: Microsoft with low reputation links
calendar
Sep 20, 2023
·
Share on:
twitter
facebook
linkedin
copy
Credential Phishing: Suspicious language, link, recipients and other indicators
calendar
Sep 20, 2023
·
Share on:
twitter
facebook
linkedin
copy
Fake voicemail notification (unsolicited)
calendar
Sep 20, 2023
·
Share on:
twitter
facebook
linkedin
copy
Body: Business Email Compromise (BEC) attempt from first-time sender
calendar
Sep 20, 2023
·
Share on:
twitter
facebook
linkedin
copy
Credential phishing: 'Secure message' and engaging language
calendar
Sep 20, 2023
·
Share on:
twitter
facebook
linkedin
copy
Open Redirect: Google domain with /url path and suspicious indicators
calendar
Sep 19, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: Github
calendar
Sep 18, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: Amazon
calendar
Sep 18, 2023
·
Share on:
twitter
facebook
linkedin
copy
Credential phishing: Engaging language and other indicators (first-time sender)
calendar
Sep 18, 2023
·
Share on:
twitter
facebook
linkedin
copy
Link: QR Code with suspicious language (first-time sender)
calendar
Sep 14, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: Microsoft
calendar
Sep 13, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: PDF with link to DMG file download
calendar
Sep 13, 2023
·
Malfam: MetaStealer
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: Venmo
calendar
Sep 13, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Archive contains DLL-loading macro
calendar
Sep 11, 2023
·
Share on:
twitter
facebook
linkedin
copy
Callback Phishing NLU body or attachment from first-time sender
calendar
Sep 8, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: HTML smuggling with atob and high entropy
calendar
Sep 8, 2023
·
Share on:
twitter
facebook
linkedin
copy
BEC with unusual Reply-to or Return-path mismatch
calendar
Sep 8, 2023
·
Share on:
twitter
facebook
linkedin
copy
Credential Phishing: Image as content, short or no body contents
calendar
Sep 8, 2023
·
Share on:
twitter
facebook
linkedin
copy
Open redirect: U.S. Antarctic Program Data Center (USAP-DC)
calendar
Sep 8, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: HTML smuggling with excessive line break obfuscation
calendar
Sep 8, 2023
·
Share on:
twitter
facebook
linkedin
copy
File sharing link with a suspicious subject
calendar
Sep 7, 2023
·
Share on:
twitter
facebook
linkedin
copy
Fake message thread with a suspicious link and engaging language from an unknown sender
calendar
Sep 7, 2023
·
Share on:
twitter
facebook
linkedin
copy
Extortion / sextortion (first-time sender)
calendar
Sep 6, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: DocuSign image lure with no DocuSign domains in links
calendar
Sep 5, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Office365 image (unsolicited)
calendar
Sep 5, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: Microsoft (QR code)
calendar
Sep 5, 2023
·
Share on:
twitter
facebook
linkedin
copy
Google Accelerated Mobile Pages (AMP) abuse
calendar
Aug 31, 2023
·
Share on:
twitter
facebook
linkedin
copy
Link to auto-downloaded file with Google Drive branding
calendar
Aug 31, 2023
·
Malfam: QakBot
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: FedEx
calendar
Aug 31, 2023
·
Share on:
twitter
facebook
linkedin
copy
Impersonation: Human Resources with link or attachment and engaging language
calendar
Aug 31, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: Zoom (strict)
calendar
Aug 31, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: PayPal
calendar
Aug 31, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: EML with link to credential phishing page
calendar
Aug 31, 2023
·
Share on:
twitter
facebook
linkedin
copy
Spam: New link domain (<=10d) and emojis
calendar
Aug 31, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: PDF file with low reputation links to suspicious filetypes (unsolicited)
calendar
Aug 30, 2023
·
Malfam: Ave Maria
·
Share on:
twitter
facebook
linkedin
copy
Body: Callback Phishing solicitation
calendar
Aug 30, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Office Document with VSTO Add-in
calendar
Aug 30, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: HTML with obfuscation and recipient's email in JavaScript strings
calendar
Aug 29, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: Barracuda Networks
calendar
Aug 28, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: Vanta
calendar
Aug 28, 2023
·
Share on:
twitter
facebook
linkedin
copy
Impersonation: Recipient SLD in sender's email address local part
calendar
Aug 27, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: Chase Bank
calendar
Aug 27, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: HTML smuggling with base64 encoded JavaScript function
calendar
Aug 27, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Office file contains OLE relationship to credential phishing page
calendar
Aug 25, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: LinkedIn
calendar
Aug 25, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: Sharepoint
calendar
Aug 25, 2023
·
Share on:
twitter
facebook
linkedin
copy
Link: Free Subdomain host with undisclosed recipients
calendar
Aug 25, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand Impersonation: Exodus
calendar
Aug 25, 2023
·
Cryptocurrency
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Recipients pattern with NLU credential theft indicators
calendar
Aug 25, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: Netflix
calendar
Aug 25, 2023
·
Share on:
twitter
facebook
linkedin
copy
Link: IPFS
calendar
Aug 25, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: Amazon with suspicious attachment
calendar
Aug 24, 2023
·
Share on:
twitter
facebook
linkedin
copy
Inline image as message with attachment or link
calendar
Aug 24, 2023
·
Share on:
twitter
facebook
linkedin
copy
Employee impersonation with urgent request (first-time sender)
calendar
Aug 24, 2023
·
Share on:
twitter
facebook
linkedin
copy
Impersonation using recipient domain (first-time sender)
calendar
Aug 24, 2023
·
Share on:
twitter
facebook
linkedin
copy
Request for Quote or Purchase (RFQ|RFP) with HTML smuggling attachment
calendar
Aug 24, 2023
·
Share on:
twitter
facebook
linkedin
copy
Link to a Domain with Punycode Characters
calendar
Aug 24, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Callback Phishing solicitation via pdf file
calendar
Aug 24, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: HTML Attachment with Login Portal Indicators
calendar
Aug 23, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: Twitter
calendar
Aug 23, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Callback Phishing solicitation via image file
calendar
Aug 22, 2023
·
Share on:
twitter
facebook
linkedin
copy
Open redirect: Slack
calendar
Aug 22, 2023
·
Share on:
twitter
facebook
linkedin
copy
Open redirect: Panera Bread
calendar
Aug 22, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: American Express (AMEX)
calendar
Aug 22, 2023
·
Share on:
twitter
facebook
linkedin
copy
Body: Business Email Compromise (BEC) attempt from unsolicited sender
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Job Scam (first-time sender)
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Mass campaign: recipient address in subject, body, and link (first-time sender)
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Spoofable internal domain with suspicious signals
calendar
Aug 21, 2023
·
Attack surface reduction
·
Share on:
twitter
facebook
linkedin
copy
Suspicious newly registered reply-to domain with engaging financial or urgent language
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Recipients pattern with no Compauth pass and suspicious content
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
VIP impersonation with urgent request (first-time sender)
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Adobe image lure with suspicious link from first time sender
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Dropbox image lure with no Dropbox domains in links
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Embedded Javascript in SVG file (unsolicited)
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: EML file contains HTML attachment with login portal indicators
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Malicious OneNote Commands
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Potential Sandbox Evasion in Office File
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Body: Microsoft logo or Suspicious Language and Bing open redirect
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: Dropbox
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: Google fake sign-in warning
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: Microsoft quarantine release notification
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: Microsoft Teams
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: Norton
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
PayPal Invoice Abuse
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Stripe Invoice Abuse
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
AnonymousFox Indicators
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Uncommon compressed file
calendar
Aug 21, 2023
·
Attack surface reduction
·
Share on:
twitter
facebook
linkedin
copy
Brand Impersonation: Coinbase with suspicious links
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: Fake fax
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: Microsoft fake sign-in alert
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Brand impersonation: ukr[.]net
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Commonly abused sender TLD with engaging language
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Punycode sender domain
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment soliciting user to enable macros
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment with auto-executing macro (unsolicited)
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment with auto-opening VBA macro (unsolicited)
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment with encrypted zip (unsolicited)
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment with high risk VBA macro (unsolicited)
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment with macro calling executable
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment with suspicious author (unsolicited)
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment with unscannable encrypted zip (unsolicited)
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment with VBA macros from employee impersonation (unsolicited)
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Adobe branded PDF file linking to a password-protected file from first-time sender
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Any HTML file (first-time sender)
calendar
Aug 21, 2023
·
Attack surface reduction
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Any HTML file (unsolicited)
calendar
Aug 21, 2023
·
Attack surface reduction
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Any HTML file within archive (unsolicited)
calendar
Aug 21, 2023
·
Attack surface reduction
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Archive containing disallowed file type
calendar
Aug 21, 2023
·
Attack surface reduction
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Archive with embedded CHM file
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Archive with embedded EXE file
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Archive with pdf, txt and wsf files
calendar
Aug 21, 2023
·
Malfam: QakBot
·
Share on:
twitter
facebook
linkedin
copy
Attachment: CVE-2021-40444 - MSHTML Remote Code Execution Vulnerability
calendar
Aug 21, 2023
·
CVE-2021-40444
·
Share on:
twitter
facebook
linkedin
copy
Attachment: CVE-2023-21716 - Microsoft Office Remote Code Execution Vulnerability
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Double Base64-encoded Zip File in HTML Smuggling Attachment
calendar
Aug 21, 2023
·
Malfam: QakBot
·
Share on:
twitter
facebook
linkedin
copy
Attachment: EICAR String Present
calendar
Aug 21, 2023
·
EICAR
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Embedded VBScript in MHT file (unsolicited)
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: EML file with HTML attachment (unsolicited)
calendar
Aug 21, 2023
·
Attack surface reduction
·
Share on:
twitter
facebook
linkedin
copy
Attachment: EML file with IPFS links
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Emotet heavily padded doc in zip file
calendar
Aug 21, 2023
·
Malfam: Emotet
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Encrypted Microsoft Office file (unsolicited)
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Excel Web Query File (IQY)
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: File execution via Javascript
calendar
Aug 21, 2023
·
Attack surface reduction
·
Share on:
twitter
facebook
linkedin
copy
Attachment: Filename Containing Unicode Right-to-Left Override Character
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: HTML Attachment with Javascript location
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy
Attachment: HTML file contains exclusively Javascript
calendar
Aug 21, 2023
·
Share on:
twitter
facebook
linkedin
copy