Helaas is de inhoud van deze pagina niet beschikbaar in de taal van uw keuze.

Ga naar hoofdinhoud
Home Clone phishing

Clone phishing

Clone phishing definition

Clone phishing is an attack where a cybercriminal makes a copy of a legitimate email from a trusted sender. The attacker alters the content of the cloned email (e.g., replaces attachments or links with malicious ones) and sends it to the original recipient from a spoofed email address.

See also: angler phishing, anti-phishing service, HTTPS phishing, ice phishing

Examples of clone phishing

Invoice update

  • A vendor emails a company's finance department with an invoice.
  • An attacker intercepts this email, clones it, and replaces the legitimate invoice with a malicious one containing malware.
  • The attacker sends the cloned email to the same recipient, making it appear like an update or correction to the original invoice.
  • The recipient doesn’t suspect foul play and opens the attachment, infecting the system with malware.

Password reset

  • A user receives a password reset email from their social media platform due to a forgotten password request.
  • An attacker clones this email and replaces the legitimate password reset link with a link to a fake login page.
  • The attacker sends the cloned email to the user, claiming that the first email had an expired link.
  • The user clicks on the link, enters their credentials on the fake login page, and gives them away to the attacker.

Software update

  • An employee receives an email from the IT department about a software update.
  • The attacker clones the email, replaces the download link with a malicious one, and sends the cloned email with a “fixed” update link.
  • The employee clicks on the malicious link and downloads malware onto their system.