Spoofed Email Address
Matching Malicious Domain Username
Maliciously Registered Domain
Spoofed Email Address
No items found.
No items found.
Back to All Attacks
Attack Details
Attack Date:
Jun 27, 2022

Executive Impersonation Payroll Diversion BEC Attack

Initial Email Content

Subject
Instant response!!
Body

Dear [Recipient First Name],

Sending this as regards an update on my Bank details and would like to request that my Paycheck information be changed from it's current profile to the new account details. Can the change be effective for the current pay date?



Yours sincerely


[Executive Name]

Attack Screenshots

No items found.
No items found.

Malicious Artifacts

Additional Indicators of Compromise

Type

Description

No items found.

Attack Description

This text-based BEC attack impersonates an executive using a spoofed email address, a matching malicious domain username, and a maliciously registered domain to divert payroll deposits to a fraudulent account.

Analysis Overview

Type
Business Email Compromise
Tactic
Spoofed Email Address
Matching Malicious Domain Username
Maliciously Registered Domain
Goal
Payroll Diversion
Impersonated Party
Employee - Executive
Vector
Text-based
Theme
No items found.
Language