Back to All Attacks
Attack Details
Attack Date:
May 17, 2022
Vendor Impersonation Payment Inquiry Account Update BEC Attack
Initial Email Content
Subject
[Impersonated Vendor Company Name] Invoices
Body
Hi,
Do we have an anticipated payment date for our invoices?.
[Vendor Employee Name]
[Vendor Employee Title]
[Vendor Company Name]
[Vendor Contact Information]
------------
Good morning [Recipient First Name],
Thank you for your email.
Could you please confirm invoice number and amount?. We are in the process of changing banks and would stop accepting check payments as well, we are applying payments manually.
Thank you,
[Vendor Employee Name]
[Vendor Employee Title]
[Vendor Company Name]
[Vendor Contact Information]
Attack Screenshots
No items found.
No items found.
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
No items found.
Attack Description
This text-based BEC attack impersonates a vendor/supplier using a look-alike domain, a spoofed display name, a payment inquiry theme, and an account update theme to request a fraudulent payment.
Analysis Overview
Tactic
Look-alike Domain
Spoofed Display Name
Goal
Payment Fraud
Impersonated Party
External Party - Vendor/Supplier
Vector
Text-based
Theme
Payment Inquiry
Account Update
Language