Clone Phishing
A highly deceptive attack where a previously delivered, legitimate email is duplicated and resent with its safe links replaced by malicious ones.
Overview
In a Clone Phishing attack, cybercriminals compromise an account, find a legitimate, trusted email thread (such as an invoice from a vendor sent last week), clone it perfectly, and swap out the attachment or URL for a malicious payload. Because the victim recognizes the context, the sender, and the exact formatting, their guard is completely down. PhiShark detects this by utilizing LLM-powered NLP to identify subtle shifts in communication patterns, combined with real-time URL Detonation that instantly catches the newly injected malicious link, regardless of the email's historical trust.
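The signal described above (familiar text, newly injected link) can be checked directly against mail that was already delivered. This is an added example, not PhiShark's implementation or code from this page; the function names, the 0.9 similarity threshold and the sample messages are constructed assumptions.

```python
import re
from difflib import SequenceMatcher
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.IGNORECASE)

def split_urls(body):
    """Return (normalised text with URLs masked, set of URL hostnames)."""
    hosts = set()
    for url in URL_RE.findall(body):
        try:
            hosts.add((urlsplit(url).hostname or "").rstrip("."))
        except ValueError:          # malformed URL: keep it visible as its own "host"
            hosts.add(url.lower())
    masked = URL_RE.sub("<URL>", body)
    return " ".join(masked.split()).lower(), hosts

def find_clone(incoming, history, threshold=0.9):
    """Compare an incoming body with previously delivered bodies.

    Returns (index of the matched message, hosts not present in it) when the
    wording is a near-duplicate but the links point somewhere new, else None.
    """
    new_text, new_hosts = split_urls(incoming)
    for i, old in enumerate(history):
        old_text, old_hosts = split_urls(old)
        ratio = SequenceMatcher(None, old_text, new_text).ratio()
        added = new_hosts - old_hosts
        if ratio >= threshold and added:
            return i, added
    return None

# Constructed sample messages (reserved .example domains).
ORIGINAL = ("Hi Dana,\n"
            "Invoice 1042 for March is attached for your records.\n"
            "Payment link: https://billing.vendor.example/invoice/1042\n"
            "Thanks, Sam")
CLONE = ORIGINAL.replace("Payment link: https://billing.vendor.example",
                         "Updated payment link: https://vendor-billing.example.net")
UNRELATED = "Team lunch moved to Friday. Menu: https://intranet.corp.example/menu"

if __name__ == "__main__":
    print(find_clone(CLONE, [UNRELATED, ORIGINAL]))
```

A hit is a reason to send the new link for detonation or analyst review, not a verdict on its own; a swapped attachment would need a hash comparison rather than a host comparison.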
Real-World Examples
- Resending an old invoice with an 'Updated Payment Link'
- Hijacking an internal HR email thread about benefits enrollment
- Weaponizing trusted communication flows to bypass human skepticism