External Compromised Account
External Compromised Account
Bid Proposal
Bid Proposal
Back to All Attacks
Attack Details
Attack Date:
May 11, 2022

Bid Proposal Credential Phishing Attack

Initial Email Content

Subject
NEW BID INVITATION FROM [IMPERSONATED THIRD PARTY NAME]
Body

Good morning,


[Impersonated Third Party Name] is respectfully requesting your company submit a proposal for the attached scope of work. You will find the scope of work and bid set plan along with specific sizing documents associated with this project, please see the link below to view bid:


REVIEW BID PROPOSAL HERE


To those who perform in multiple divisions; quotes for multiple areas of work are welcomed and encouraged. However, please provide separate estimates for each division or area of work that you plan to quote.


Should you have any questions please do not hesitate to reach out to me directly.


Thank you,


Kind regards,


[Impersonated Third Party Employee Name]

[Impersonated Third Party Employee Title]

[Impersonated Third Party Name]

Attack Screenshots

No items found.
No items found.

Malicious Artifacts

Additional Indicators of Compromise

Type

Description

No items found.

Attack Description

This link-based attack impersonates an external third party using an external compromised account and a bid proposal theme to steal credentials.

Analysis Overview

Type
Credential Phishing
Tactic
External Compromised Account
Goal
Credential Theft
Impersonated Party
External Party - Other
Vector
Link-based
Theme
Bid Proposal
Language