Back to All Attacks
Attack Details
Attack Date:
Jun 22, 2022
Employee Impersonation Payroll Diversion BEC Attack
Initial Email Content
Subject
Information on a pay change
Body
Dear [Recipient First Name],
I would like to request that the information associated with my pay account be changed from its present status to the account listed below.
Account holder's name:[Impersonated Employee Name]
[Account Number] is the account number.
Number for routing: 124 303 120
To confirm that it has been updated, kindly respond to me.
with heartfelt regards,
[Impersonated Employee Name]
Attack Screenshots
No items found.
No items found.
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
No items found.
Attack Description
This text-based BEC attack impersonates an employee using a spoofed display name and a free webmail account to divert payroll deposits to a fraudulent account.
Analysis Overview
Tactic
Spoofed Display Name
Free Webmail Account
Goal
Payroll Diversion
Impersonated Party
Employee - Other
Vector
Text-based
Theme
No items found.
Language