Look-alike Domain
Spoofed Display Name
Look-alike Domain
Payment Inquiry
Payment Inquiry
Back to All Attacks
Attack Details
Attack Date:
Jun 27, 2022

Vendor Impersonation Payment Inquiry Credential Phishing Attack

Initial Email Content

Subject
Aged Receivables Status
Body

Good morning,


Please advise when we should expect to receive remittance for invoices due to [Vendor Company Name].


Thank you,

AR Team

Attack Screenshots

No items found.
No items found.

Malicious Artifacts

Additional Indicators of Compromise

Type

Description

No items found.

Attack Description

This text-based attack impersonates a vendor/supplier using a look-alike domain, a spoofed display name, and a payment inquiry theme to steal credentials.

Analysis Overview

Type
Credential Phishing
Tactic
Look-alike Domain
Spoofed Display Name
Goal
Credential Theft
Impersonated Party
External Party - Vendor/Supplier
Vector
Text-based
Theme
Payment Inquiry
Language