Employee Impersonation Payroll Diversion BEC Attack

Initial Email Content

Subject

My Direct Deposit Guide

Body

Hi [Recipient First Name],

I have recently changed banks, can you update my payroll direct deposit information? Previous account on record will be inactive few days before the next pay day.

Regards,

[Impersonated Employee Name]

Attack Screenshots

No items found.

Malicious Artifacts

Additional Indicators of Compromise

Type

Description

No items found.

Attack Description

This text-based BEC attack impersonates an employee using a spoofed email address and a free webmail account to divert payroll deposits to a fraudulent account.

Analysis Overview

Type

Business Email Compromise

Tactic

Spoofed Email Address

Free Webmail Account

Goal

Payroll Diversion

Impersonated Party

Employee - Other

Vector

Text-based

Theme

No items found.

Language