Initial Email Content
Subject
Paid Invoice for [Vendor Company Name] 6/27/2022
Body
Hi [Recipient First Name],
Please find attached your remittance advice for [Vendor Company Name]. Payment will be in your account Friday.
[Vendor Company Name] BACS REMIT PAYMENT DOCUMENT.xlsx
This is system generated email, please do not reply.
Kind regards
[Vendor Employee Name]
Accounts Payable Manager
Sent Mon, Jun 27, 2022 5:49 PM
Attack Screenshots
No items found.
No items found.
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
No items found.
Attack Description
This link-based attack impersonates a vendor/supplier using an external compromised account and a fake invoice theme to steal credentials.
Analysis Overview
Tactic
External Compromised Account
Goal
Credential Theft
Impersonated Party
External Party - Vendor/Supplier
Vector
Link-based
Theme
Fake Invoice
Language