Back to All Attacks
Attack Details
Attack Date:
May 13, 2022
Vendor Impersonation Overdue Payment BEC Attack
Initial Email Content
Subject
INV394 - Statement Due
Body
Hello,
We have tried contacting you on numerous occasions regarding the following unpaid invoice which is now over 30 days overdue: INV934
This matter has now reached a critical point and we require immediate payment of this amount to avoid further action. Please contact me immediately to advise when we can expect payment of this outstanding amount.
Thanks in advance for your understanding and cooperation.
Thank you,
[Vendor Employee Name] | [Vendor Employee Title] | [Vendor Company Name]
[Vendor Contact Information]
Attack Screenshots
No items found.
No items found.
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
No items found.
Attack Description
This text-based BEC attack impersonates a vendor/supplier using a maliciously registered domain and an overdue payment theme to request a fraudulent payment.
Analysis Overview
Tactic
Maliciously Registered Domain
Goal
Payment Fraud
Impersonated Party
External Party - Vendor/Supplier
Vector
Text-based
Theme
Overdue Payment
Language