Spoofed Display Name
Maliciously Registered Domain
Spoofed Display Name
No items found.
No items found.
Back to All Attacks
Attack Details
Attack Date:
May 17, 2022

Employee Impersonation Payroll Diversion BEC Attack

Initial Email Content

Subject
Stub
Body

I can access the employee portal but I keep getting an error message every time I try to modify my direct deposit information. Can I just forward you a voided check or my new account details for you to update before the next pay circle.


 


[Impersonated Employee Name]


[Impersonated Employee Title] 


[Target Company Name]

Attack Screenshots

No items found.
No items found.

Malicious Artifacts

Additional Indicators of Compromise

Type

Description

No items found.

Attack Description

This text-based BEC attack impersonates an employee using a spoofed display name and a maliciously registered domain to divert payroll deposits to a fraudulent account.

Analysis Overview

Type
Business Email Compromise
Tactic
Spoofed Display Name
Maliciously Registered Domain
Goal
Payroll Diversion
Impersonated Party
Employee - Other
Vector
Text-based
Theme
No items found.
Language