Back to All Attacks
Attack Details
Attack Date:
Jun 22, 2022
Vendor Impersonation Account Update BEC Attack
Initial Email Content
Subject
[Vendor Company Name]-PAYMENT UPDATE
Body
Good Morning,
As of 06/17/22, we have transitioned from Bank Of America to our Chase Bank. We are still receiving lock box/ACH payments into the Bank Of America account which will be permanently closed as of 06/27/22. Please confirm that you have updated your records to reflect the correct banking information listed in the letter attached. Sorry for any inconveniences this might cause.
Thanks!
[Vendor Employee Name]
[Vendor Employee Title]
[Vendor Company Name]
Attack Screenshots
No items found.
No items found.
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
No items found.
Attack Description
This text-based BEC attack impersonates a vendor/supplier using a spoofed email address, a look-alike domain, a personalized email subject, and an account update theme to request a fraudulent payment.
Analysis Overview
Tactic
Spoofed Email Address
Look-alike Domain
Personalized Email Subject
Goal
Payment Fraud
Impersonated Party
External Party - Vendor/Supplier
Vector
Text-based
Theme
Account Update
Language