Back to All Attacks
Attack Details
Attack Date:
May 12, 2022
Fake Invoice Word Document Attachment Credential Phishing Attack
Initial Email Content
Subject
Outstanding Invoice Paid
Body
kindly view attachment
Attack Screenshots
No items found.
No items found.
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
No items found.
Attack Description
This payload-based attack impersonates a vendor/supplier and DocuSign using an external compromised account, a Word Document attachment, and a fake invoice theme to steal credentials.
Analysis Overview
Tactic
External Compromised Account
Goal
Credential Theft
Impersonated Party
External Party - Vendor/Supplier
Vector
Payload-based
Theme
Fake Invoice
Language