hello,
i am a security engineer and our company has been in a string of phishing attempts, this one was very close, as our accounts payable people almost paid a 42k invoice. they had a wells fargo bank account, they used a real domain to send the phishing so it cleared spam filters, they knew how to use a w9 to register a company. i have reported this with fcc & fbi.
this is a long ask but in the digital signature of the po they used wkhtmltopdf to generate the pdf, does an administrator of this service have the ability to find who the creator's ip address was and any pertinent details and report them to the fbi, also referencing my report via
ic3.gov
would be nice to catch these criminals
appreciate any response, you can email me directly for more details, i can provide the actual .pdf file, thank you.