Back to All Attacks
Attack Details
Attack Date:
May 17, 2022
Vendor Impersonation Overdue Payment BEC Attack
Initial Email Content
Subject
Due Shipping Bill
Body
Hello,
I hope you’re well. Invoice number 832 was due on 14th of April and is now over 30 days overdue. Please pay the total balance of this invoice at your earliest convenience.
In line with our payment policies, you will be charged a daily fee until this invoice is paid.
Please let me know if there is any reason why payment of this invoice cannot be made within seven working days.
Regards
[Vendor Employee Name]
Finance Officer
Attack Screenshots
No items found.
No items found.
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
No items found.
Attack Description
This text-based BEC attack impersonates a vendor/supplier using a look-alike domain and an overdue payment theme to request a fraudulent payment.
Analysis Overview
Tactic
Look-alike Domain
Goal
Payment Fraud
Impersonated Party
External Party - Vendor/Supplier
Vector
Text-based
Theme
Overdue Payment
Language