Back to All Attacks
Attack Details
Attack Date:
Jun 21, 2022
Vendor Impersonation Account Update BEC Attack
Initial Email Content
Subject
Vendor update form
Body
Hello,
We would like to keep ACH payment setup; however, our receiving information has changed.
Kindly provide the Vendor update form.
[Impersonated Vendor Employee Name]
Accounts Receivable
[Impersonated Vendor Company Name]
Attack Screenshots
No items found.
No items found.
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
No items found.
Attack Description
This text-based BEC attack impersonates a vendor/supplier using a look-alike domain, a spoofed display name, and an account update theme to request a fraudulent payment.
Analysis Overview
Tactic
Look-alike Domain
Spoofed Display Name
Goal
Payment Fraud
Impersonated Party
External Party - Vendor/Supplier
Vector
Text-based
Theme
Account Update
Language