Back to All Attacks
Attack Details
Attack Date:
Apr 13, 2022
Employee Impersonation Payroll Diversion BEC Attack
Initial Email Content
Subject
NEW FINANCIAL INSTITUTION INFORMATION UPDATE
Body
Hello,
Asap: I would like to change my financial institution on file to a secured banking information and I will appreciate it if you can make the changes for me at your end and can i send you my new banking information before the next payroll is submitted?
Thanks,
[Employee Name]
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
No items found.
Attack Description
This text-based BEC attack impersonates a non-executive employee using display name spoofing and a free webmail account to divert payroll deposits to a fraudulent account.
Analysis Overview
Tactic
Spoofed Display Name
Free Webmail Account
Goal
Payroll Diversion
Impersonated Party
Employee - Other
Vector
Text-based
Theme
No items found.
Language