Back to All Attacks
Attack Details
Attack Date:
May 17, 2022
Executive Impersonation Payroll Diversion BEC Attack
Initial Email Content
Subject
[Impersonated Executive Name]
Body
Hi,
I have a little issue with the bank, I forgot my password and I tried logging with different passwords and my Bank blocked my online access for security purpose because they thought it was an unauthorized person trying to log in, so the bank generated a new account number for me. Can the change be made before the next pay ?
Thanks,
[Executive Name]
Attack Screenshots
No items found.
No items found.
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
No items found.
Attack Description
This text-based BEC attack impersonates an executive using a personalized email subject, a spoofed display name, and a free webmail account to divert payroll deposits to a fraudulent account.
Analysis Overview
Tactic
Personalized Email Subject
Spoofed Display Name
Free Webmail Account
Goal
Payroll Diversion
Impersonated Party
Employee - Executive
Vector
Text-based
Theme
No items found.
Language