Matching Malicious Domain Username
Free Webmail Account
Spoofed Display Name
Matching Malicious Domain Username
No items found.
No items found.
Back to All Attacks
Attack Details
Attack Date:
May 20, 2022

Executive Impersonation Payment Fraud BEC Attack

Initial Email Content

Subject
Management Consultancy Services
Body

Hi [Recipient First Name],

 

 

Can you initiate a transfer that goes out today?

 

If you could expedite this, notify me when you are set to proceed so I can forward an attachment of the payment instructions.

 

Thanks,

 

 

[Executive First Name]

Attack Screenshots

No items found.
No items found.

Malicious Artifacts

Additional Indicators of Compromise

Type

Description

No items found.

Attack Description

This text-based BEC attack impersonates an executive using a matching malicious domain username, a free webmail account, and a spoofed display name to request a fraudulent payment.

Analysis Overview

Type
Business Email Compromise
Tactic
Matching Malicious Domain Username
Free Webmail Account
Spoofed Display Name
Goal
Payment Fraud
Impersonated Party
Employee - Executive
Vector
Text-based
Theme
No items found.
Language