Back to All Attacks
Attack Details
Attack Date:
Apr 12, 2022
Vendor Impersonation Overdue Payment BEC Attack
Initial Email Content
Subject
BILL
Body
Dear Sir,
Our Record shows that you have IATA invoices that are due for payment,kindly check your records and get back to us as soon as possible for payment, as failure to do so may lead to sanctions.Please note there is an update in Bank Account information,we request you contact us for our new Bank Account information before your next payment.
Expecting your usual prompt cooperation.
Best Regards,
Ms Linda Morgan
Accounts/Invoicing
International Air Transport Association
IATA Head Office
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
No items found.
Attack Description
This text-based BEC attack impersonates a vendor/supplier using a maliciously registered domain and an overdue payment theme to request a fraudulent payment.
Analysis Overview
Tactic
Maliciously Registered Domain
Goal
Payment Fraud
Impersonated Party
External Party - Vendor/Supplier
Vector
Text-based
Theme
Overdue Payment
Language