Back to All Attacks
Attack Details
Attack Date:
May 9, 2022
Vendor Impersonation Overdue Payment BEC Attack
Initial Email Content
Subject
Outstanding Invoice:. 003880012 Reminder !!!
Body
Hi [Recipient First Name]
I'm writing to inform you I haven't received payment for invoice number
003880012, which was due some months ago. I originally sent the invoice
on
September 27, 2021.Please let me know if you have any questions about
this
invoice. I'll call you tomorrow if I don't hear from you to ensure this
email reaches you.
Thank you for your time!
Best Regards,
[Impersonated Vendor Employee Name]
[Impersonated Vendor Company Name]
Attack Screenshots
No items found.
No items found.
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
No items found.
Attack Description
This text-based BEC attack impersonates a vendor/supplier using a look-alike domain and an overdue payment theme to request a fraudulent payment.
Analysis Overview
Tactic
Look-alike Domain
Goal
Payment Fraud
Impersonated Party
External Party - Vendor/Supplier
Vector
Text-based
Theme
Overdue Payment
Language