Executive Impersonation Overdue Payment Legal Matter Payment Fraud BEC Attack
Initial Email Content
Hi [Recipient First Name],
I just received a follow up e-mail from Francesca a lawyer from Allen & Overy representing a firm we worked with, regarding a late bill for the amount of £65,560.90 issued last year for a services rendered on our behalf and I have asked her to contact you.
I understand that the invoice was sent before but didn't get into the system for payment. Attached is a copy of the outstanding invoice. Can we get this paid today?
Many Thanks,
[Executive Name]
From: Francesca Bennetts francesca.bennetts@allenovarysglobal.com>
Posted: Wednesday, June 29, 2022 9:02 AM
To: [Executive Name] <[Executive Email Address]>
Subject: Unpaid Invoice
Hi [Executive First Name],
I have sent the invoice again to you as reminder. I wish to inform you that this invoice is already due and if this is not paid this week, we will have to open a case against your firm.
Kind Regards.
Francesca Bennetts | Senior Associate
Attack Screenshots
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
Attack Description
This text-based BEC attack impersonates an executive using a fake email chain, a spoofed email address, a matching malicious domain username, an overdue payment theme, and a legal matter theme to request a fraudulent payment.