Back to All Attacks
Attack Details
Attack Date:
May 17, 2022
Employee Impersonation Payroll Diversion BEC Attack
Initial Email Content
Subject
(no subject)
Body
Good Morning [Recipient First Name]
Please kindly re-update my direct deposit account for upcoming payroll
I have an issue with my bank account, I will try and have it sorted
out later. Please have it updated ASAP.
Please make sure the payroll system process my direct deposit into my
new account and the new account be added today.
Can I email the new routing and account number details for the update
to be made today ?
Thank you.
[Impersonated Employee Name]
[Impersonated Employee Title]
Attack Screenshots
No items found.
No items found.
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
No items found.
Attack Description
This text-based BEC attack impersonates an employee using a spoofed display name and a free webmail account to divert payroll deposits to a fraudulent account.
Analysis Overview
Tactic
Spoofed Display Name
Free Webmail Account
Goal
Payroll Diversion
Impersonated Party
Employee - Other
Vector
Text-based
Theme
No items found.
Language