Back to All Attacks
Attack Details
Attack Date:
May 17, 2022
Fake Invoice Word Document Attachment Credential Phishing Attack
Initial Email Content
Subject
Invoice for processing
Body
Hello,
Can you please verify that the attached invoice has been submitted for payment. Please feel free to contact me with any questions you may have.
Thank you,
[Compromised Third Party Name]
[Compromised Third Party Email Address]
Attack Screenshots
No items found.
No items found.
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
No items found.
Attack Description
This payload-based attack impersonates a vendor/supplier using an external compromised account and a fake invoice theme to steal credentials.
Analysis Overview
Tactic
External Compromised Account
Goal
Credential Theft
Impersonated Party
External Party - Vendor/Supplier
Vector
Payload-based
Theme
Fake Invoice
Language