Phishing Threat Database

How do we catch these threats?

The Cofense Phishing Detection Center (PDC) acts as a SOC-as-a-service, supporting thousands of leading organizations. With over 35 million trained users and real-time threat reporting, our platform combines automated analysis with expert verification, ensuring reliable and efficient protection. Here, you’ll find real-world phishing emails that bypassed even advanced security measures, posing risks to revenue and reputation.

Microsoft ATP

Phishing Email Example Description:
Finance-themed emails found in environments protected by Microsoft ATP deliver GoTo RAT via an embedded URL.

Posted On: November 5, 2025 Tactic: Embedded Link Theme: Finance

Microsoft ATP

Phishing Email Example Description:
ChatGPT-spoofing campaign found in environments protected by Microsoft ATP delivers Credential Phishing via an embedded URL.

Posted On: November 4, 2025 Tactic: Embedded Link Theme: Spoofing

Microsoft ATP

Phishing Email Example Description:
Shared File-themed emails sent via Sendspace and found in environments protected by Microsoft ATP and Proofpoint deliver an embedded link to a password-protected archive file containing an LNK Downloader. When run, the LNK Downloader delivers Muck Stealer.

Posted On: November 3, 2025 Tactic: Embedded Link Theme: Shared File

Proofpoint

Phishing Email Example Description:
Shared File-themed emails sent via Sendspace and found in environments protected by Microsoft ATP and Proofpoint deliver an embedded link to a password-protected archive file containing an LNK Downloader. When run, the LNK Downloader delivers Muck Stealer.

Posted On: November 3, 2025 Tactic: Embedded Link Theme: Shared File

Abnormal Security

Phishing Email Example Description:
Invitation-themed emails found in environments protected by Abnormal Security, Microsoft ATP, and Mimecast deliver an embedded link to a Credential Phishing site.

Posted On: October 31, 2025 Tactic: Embedded Link Theme: Invitation

Microsoft ATP

Phishing Email Example Description:
Invitation-themed emails found in environments protected by Abnormal Security, Microsoft ATP, and Mimecast deliver an embedded link to a Credential Phishing site.

Posted On: October 31, 2025 Tactic: Embedded Link Theme: Invitation

Mimecast

Phishing Email Example Description:
Invitation-themed emails found in environments protected by Abnormal Security, Microsoft ATP, and Mimecast deliver an embedded link to a Credential Phishing site.

Posted On: October 31, 2025 Tactic: Embedded Link Theme: Invitation

Proofpoint

Phishing Email Example Description:
Finance-themed emails found in environments protected by Proofpoint and Microsoft ATP deliver GoTo RAT via an embedded URL.

Posted On: October 30, 2025 Tactic: Embedded Link Theme: Finance

Microsoft ATP

Phishing Email Example Description:
Finance-themed emails found in environments protected by Proofpoint and Microsoft ATP deliver GoTo RAT via an embedded URL.

Posted On: October 30, 2025 Tactic: Embedded Link Theme: Finance

Abnormal Security

Phishing Email Example Description:
Finance-themed emails found in environments protected by Abnormal Security, Cisco IronPort, and Microsoft ATP deliver GoTo RAT via an embedded URL.

Posted On: October 29, 2025 Tactic: Embedded Link Theme: Finance