Now this is an interesting specialization of phishing attacks:
»The scam works like this: Someone obtains of a list of articles submitted to — and under review by — a publisher, along with the corresponding author’s contact information. Then, pretending to be the publisher, the scammers send a bogus email to the corresponding author informing him that his paper has been accepted. The email also contains article processing fee information, advising the author to wire the fee to a certain person. The problem is that it’s not the publisher sending out the acceptance emails — it’s a bad guy.«
(Scholarly Open Access: Fraud Alert: Bogus Article Acceptance Letters)
I doubt this constitutes a sustainable attack business model, but the perpetrators surely deserve credit for being adaptive and creative.