Ladies and gentlemen, this is just amazing!
My “company” is being attacked by some hackers pretending to be Indians.

“Company”? Indians? You might ask

It’s simple, my domain is sual.in (the joke is - c@sual.in email) (.in - Indian TLD).
And here’s what I’m seeing now:

I’m curious how they came up with this email and why are they so dumb to send a bunch of emails at the same time…

So, I expect a Korean-style attack, where they “apply” for a job and either steal money through salaries or hack the infrastructure with subsequent data extraction

Of course, the resumes and PDFs are AI-generated (there are even empty 500KB PDFs, maybe they contain exploits), and the links don’t work (they’re just text).

What are your suggestions on what I should do about this? Contact me!

I mean, they have used real Gmail accounts, they’re not just here to drop a payload and leave, they spent money to buy accounts, make it look real. It’s not a lot per account, but still, they’re consumables.