Executive Impersonation Overdue Payment Legal Matter Payment Fraud BEC Attack
Initial Email Content
Hi [Recipient First Name],
I just received a follow up e-mail from Jillian a lawyer from Allen & Overy representing a firm we worked with, regarding a late bill for the amount of $42,338.46 issued last year for a services rendered on our behalf and I have asked her to contact you.
I understand that the invoice was sent before but didn't get into the system for payment. Attached is a copy of the outstanding invoice. Can we get this paid today?
Many Thanks,
[Executive Name]
From: Jillian Ashley <jillian.ashley@allenoverys.com>
Posted: Monday, May 16, 2022 9:08 AM
To: [Executive Name] <[Executive Email Address]>
Subject: Unpaid Invoice
Hi [Executive First Name],
I have sent the invoice again to you as reminder. I wish to inform you that this invoice is already due and if this is not paid this week, we will have to open a case against your firm.
Kind Regards.
Jillian Ashley
Senior Associate
Address: 1221 Avenue of the Americas
New York, NY 10020
Allen & Overy LLP
Attack Screenshots
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
Attack Description
This text-based BEC attack impersonates an executive using a fake email chain, a spoofed email address, a matching malicious domain username, a maliciously registered domain, a legal matter theme, and an overdue payment theme to request a fraudulent payment.