Vendor Impersonation Account Update BEC Attack
Initial Email Content
Attn: Accounts Payable Manager:
[Vendor Company Name] greatly appreciates you as a valued customer and we want to thank you for your continued business.
Our office will like to update our Bank Account information details you have on file
Please note, Mailing of check payments has been temporarily put on hold for now until further notice, All payments has to go through Direct Deposit ACH payment and Wire transfer
Could you please check if you have any open invoice payable to us as accounting is still not able to get onto the server or into Oracle to review accounts or post payments that may have been received.
Best Regards
[Vendor Employee Name]
Attack Screenshots
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
Attack Description
This text-based BEC attack impersonates a vendor/supplier using a look-alike domain, a spoofed display name, and an account update theme to request a fraudulent payment.