elaborate phishing attempt used wkhtmltopdf to generate invoice

23 views
Skip to first unread message

Eersten Keer

unread,
Aug 16, 2024, 1:55:45 PMAug 16
to wkhtmltopdf General
hello,
i am a security engineer and our company has been in a string of phishing attempts, this one was very close, as  our accounts payable people almost paid a 42k invoice. they had a wells fargo bank account, they used a real domain to send the phishing so it cleared spam filters, they knew how to use a w9 to register a company. i have reported this with fcc & fbi. 

this is a long ask but in the digital signature of the po they used wkhtmltopdf to generate the pdf, does an administrator of this service have the ability to find who the creator's ip address was and any pertinent details and report them to the fbi, also referencing my report via ic3.gov

would be nice to catch these criminals

appreciate any response, you can email me directly for more details, i can provide the actual .pdf file, thank you.
Reply all
Reply to author
Forward
0 new messages