Personalized Email Subject
Spoofed Display Name
Free Webmail Account
Personalized Email Subject
No items found.
No items found.
Back to All Attacks
Attack Details
Attack Date:
May 3, 2022

Employee Impersonation Payroll Diversion BEC Attack

Initial Email Content

Subject
[Impersonated Employee Last Name] 03/05
Body

Hi [Recipient First Name],

Has payroll been completed? I received a new account today, what information would you need to update my direct deposit account?

Regards,
[Impersonated Employee Name].


Get Outlook for iOS

Attack Screenshots

No items found.
No items found.

Malicious Artifacts

Additional Indicators of Compromise

Type

Description

No items found.

Attack Description

This text-based BEC attack impersonates an employee using a personalized email subject, display name spoofing, and a free webmail account to divert payroll deposits to a fraudulent account.

Analysis Overview

Type
Business Email Compromise
Tactic
Personalized Email Subject
Spoofed Display Name
Free Webmail Account
Goal
Payroll Diversion
Impersonated Party
Employee - Other
Vector
Text-based
Theme
No items found.
Language