Executive Impersonation Mergers & Acquisitions Payment Fraud BEC Attack
Initial Email Content
Hi [Recipient First Name],
Are you available at the moment?
Sent from my mobile device
-----------
Okay [Recipient First Name], I want you to take care of this for me personally, I have just been informed that we have had an offer accepted by a new international vendor, to complete an acquisition that I have been negotiating privately for some time now, in line with the terms agreed, we will need to make a down payment of 30% of their total, which will be $39,797.20.
An announcement is currently being drafted and will be announced next week, once the deal has been executed, for now I don't want to go into any more details.
Until we are in a position to formally announce the acquisition I do not want you discussing it with anybody in the office, any question please email me.
Can you confirm if international wire transfer can go out today?
Attack Screenshots
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
Attack Description
This text-based BEC attack impersonates an executive using a personalized email subject, a spoofed display name, a free webmail account, and a mergers & acquisitions theme to request a fraudulent payment.