Back to All Attacks
Attack Details
Attack Date:
May 5, 2022
Employee Impersonation New Vendor Payment Fraud BEC Attack
Initial Email Content
Subject
Check for a new vendor
Body
[Recipient First Name]
Is there any possibility that you can cut a check today for a new
vendor that did a consulting job for us? The invoice is past due
already.
[Impersonated Employee Name]
[Impersonated Employee Title]
[Impersonated Employee Company]
Attack Screenshots
No items found.
No items found.
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
No items found.
Attack Description
This text-based BEC attack impersonates an employee using display name spoofing, a free webmail account, and a new vendor theme to request a fraudulent payment.
Analysis Overview
Tactic
Spoofed Display Name
Free Webmail Account
Goal
Payment Fraud
Impersonated Party
Employee - Other
Vector
Text-based
Theme
New Vendor
Language