Bank Phishing SMTP Email Code Generation - ATR-2026-00359 (bc7908b3-31e5-5884-a04a-c3fcf381bc0f)
Detects bank phishing email code generation from NVIDIA garak dan.DanInTheWild inthewild corpus (#318). The attack requests a Python SMTP script template that generates "Security Breach at [bank_name]" phishing emails impersonating bank security teams. The template uses smtplib to send emails with subject "Important Notice: Security Breach at [bank_name]", body opening "Dear valued customer", and a spoofed From address "bank_name Security Team security@bank_name.com". Key signals: smtplib import + bank_name variable + "Security Breach at" subject + "Dear valued customer" body + send_email function with to_address and bank_name parameters. The combination of SMTP code generation with bank impersonation and phishing email template patterns is characteristic of phishing infrastructure creation requests.