Maliciously Registered Domain
Spoofed Display Name
Maliciously Registered Domain
No items found.
No items found.
Back to All Attacks
Attack Details
Attack Date:
Jun 20, 2022

Employee Impersonation Payroll Diversion BEC Attack

Initial Email Content

Subject
earnings
Body

I can access the employee portal but I keep getting an error message every time I try to modify my direct deposit information. Can I just forward you a voided check or my new account details for you to update before the next pay circle.


 


[Impersonated Employee Name]

 

 

[Impersonated Employee Title]

 

[Target Company Name]

Attack Screenshots

No items found.
No items found.

Malicious Artifacts

Additional Indicators of Compromise

Type

Description

No items found.

Attack Description

This text-based BEC attack impersonates an employee using a maliciously registered domain and a spoofed display name to divert payroll deposits to a fraudulent account.

Analysis Overview

Type
Business Email Compromise
Tactic
Maliciously Registered Domain
Spoofed Display Name
Goal
Payroll Diversion
Impersonated Party
Employee - Other
Vector
Text-based
Theme
No items found.
Language