Executive Impersonation Payroll Diversion BEC Attack

Initial Email Content

Subject

DD-Update

Body

Hi [Target Name],

‍

Quick one - I need to update my paycheck direct deposit info. Can the

change be effective for the next pay date?

‍

Thanks,

[Executive Name].

‍

Get Outlook for iOS

Attack Screenshots

No items found.

Malicious Artifacts

Additional Indicators of Compromise

Type

Description

No items found.

Attack Description

This text-based BEC attack impersonates an executive using display name spoofing and a compromised external account to divert payroll deposits to a fraudulent account.

Analysis Overview

Type

Business Email Compromise

Tactic

Spoofed Display Name

External Compromised Account

Goal

Payroll Diversion

Impersonated Party

Employee - Executive

Vector

Text-based

Theme

No items found.

Language