
Like many security researchers, I not only run my own mail servers, but I generally do not have spam filtering on many of them so I can see the interesting attacks that come in. Then, dig into them as time allows. Yesterday, I got an interesting take on the ever-present invoice maldocs campaign, this time it was spoofing a DocuSign email suggesting I had an invoice to sign.
Read More