Phishing Threat Database

How do we catch these threats?

The Cofense Phishing Detection Center (PDC) acts as a SOC-as-a-service, supporting thousands of leading organizations. With over 35 million trained users and real-time threat reporting, our platform combines automated analysis with expert verification, ensuring reliable and efficient protection. Here, you’ll find real-world phishing emails that bypassed even advanced security measures, posing risks to revenue and reputation.

Microsoft ATP

Phishing Email Example Description:
Expedia-spoofing emails found in environments protected by Microsoft ATP and Proofpoint deliver GoTo RAT via an embedded URL.

Posted On: October 7, 2025 Tactic: Link Theme: Spoofing

Proofpoint

Phishing Email Example Description:
Expedia-spoofing emails found in environments protected by Microsoft ATP and Proofpoint deliver GoTo RAT via an embedded URL.

Posted On: October 7, 2025 Tactic: Link Theme: Spoofing

Cisco IronPort

Phishing Email Example Description:
USPS-spoofing campaign found in environments protected by Cisco IronPort delivers credential phishing via an embedded URL.

Posted On: October 2, 2025 Tactic: Link Theme: Spoofing

Microsoft ATP

Phishing Email Example Description:
Ledger-spoofing campaign found in environments protected by Microsoft ATP delivers credential phishing via an embedded URL.

Posted On: October 1, 2025 Tactic: Link Theme: Spoofing

Abnormal Security

Phishing Email Example Description:
MSI Benefits Group-spoofing emails found in environments protected by Abnormal Security and Microsoft ATP deliver Credential Phishing via an embedded link.

Posted On: September 30, 2025 Tactic: Link Theme: Spoofing

Microsoft ATP

Phishing Email Example Description:
MSI Benefits Group-spoofing emails found in environments protected by Abnormal Security and Microsoft ATP deliver Credential Phishing via an embedded link.

Posted On: September 30, 2025 Tactic: Link Theme: Spoofing

Microsoft ATP

Phishing Email Example Description:
Newtec Electricity-spoofing campaign found in environments protected by Microsoft ATP delivers an attached, password protected, PDF with a link to a Credential Phishing page.

Posted On: September 30, 2025 Tactic: PDF Attachment Theme: Spoofing

Microsoft ATP

Phishing Email Example Description:
Invitation-themed emails found in environments protected by Microsoft ATP deliver GoTo RAT via an embedded URL.

Posted On: September 26, 2025 Tactic: Link Theme: Invitation

Microsoft ATP

Phishing Email Example Description:
Intuit-spoofing campaign found in environments protected by Microsoft ATP delivers credential phishing via an embedded URL.

Posted On: September 25, 2025 Tactic: Link Theme: Spoofing

Microsoft ATP

Phishing Email Example Description:
Financed-themed emails found in environments protected by Microsoft ATP and Cisco IronPort deliver a PDF containing an embedded link.

Posted On: September 24, 2025 Tactic: PDF Attachment Theme: Finance