Payment confirmations are essential in business. You need to know a payment has been processed. 

That also makes it a prime candidate for a scam.

In this attack, missed by Proofpoint, the end-user sees what looks like a payment confirmation notice. Here's what the email looks like:


Should they click on the attachment, the site they're directed to is not legitimate:

One of the many reasons our AI detected this as phishing was due to an insignificant historical reputation with the sender. Avanan research has found that 84.3% of all phishing emails do not have a significant historical reputation with the victim.

Subscribe to Our Attack Briefs for More Research