Back to All Attacks
Attack Details
Attack Date:
May 23, 2022
Vendor Impersonation Overdue Payment BEC Attack
Initial Email Content
Subject
#329 - Overdue
Body
Hello,
I hope you’re well. I am reaching out to you regarding Invoice #329. This is a reminder that payment was due on May 6th, and is now two weeks overdue. Please send payment as soon as possible.
As per my company’s payment terms, you will be charged a late fee of 2% per month for invoices 30-days overdue. I have attached the invoice to this email for your reference.
Please let me know if you have any questions.
Kind Regards,
[Vendor Employee Name]
Accounts
[Vendor Company Name]
[Vendor Address]
Attack Screenshots
No items found.
No items found.
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
No items found.
Attack Description
This text-based BEC attack impersonates a vendor/supplier using a look-alike domain, a spoofed display name, and an overdue payment theme to request a fraudulent payment.
Analysis Overview
Tactic
Look-alike Domain
Spoofed Display Name
Goal
Payment Fraud
Impersonated Party
External Party - Vendor/Supplier
Vector
Text-based
Theme
Overdue Payment
Language