Spoofed Email Address
Maliciously Registered Domain
Spoofed Email Address
No items found.
No items found.
Back to All Attacks
Attack Details
Attack Date:
Apr 25, 2022

Executive Impersonation Payroll Diversion BEC Attack

Initial Email Content

Subject
DIRECT DEPOSIT INFO UPDATED
Body

Hi ,
I changed my bank and I'll like to update my paycheck deposit details, can the change be effective for the current pay date? also can i send the new details to you now ?

[Executive Name].


Sent from my iPhone

Attack Screenshots

No items found.
No items found.

Malicious Artifacts

Additional Indicators of Compromise

Type

Description

No items found.

Attack Description

This text-based BEC attack impersonates an executive using a spoofed email address and a maliciously registered domain to divert payroll deposits to a fraudulent account.

Analysis Overview

Type
Business Email Compromise
Tactic
Spoofed Email Address
Maliciously Registered Domain
Goal
Payroll Diversion
Impersonated Party
Employee - Executive
Vector
Text-based
Theme
No items found.
Language