ClonePhishing
Clone phishing is a form of social engineering and email-based fraud in which an attacker dupes a recipient into revealing credentials or installing malware by mimicking a legitimate, previously sent message. The attacker relies on the victim’s familiarity with the original communication to bypass skepticism and prompt trust.
In a typical clone phishing operation, the attacker copies the content of a genuine email and resends
Clone phishing often exploits routine business or service interactions, such as invoices, password resets, or delivery
Defenses center on user awareness and technical controls. Users should verify unexpected requests, hover over links
Clone phishing is related to other phishing variants such as spear phishing and business email compromise