Back to All Attacks
Attack Details
Attack Date:
May 11, 2022
Vendor Impersonation Overdue Payment BEC Attack
Initial Email Content
Subject
Outstanding Invoice
Body
Hi ,
I am reaching out to you on behalf of [Impersonated Vendor Name] concerning an outstanding payment which is long overdue with the Invoice 474864. This invoice is past due and your prompt payment is appreciated.
Could you kindly check your records and advise accordingly?
I wait to hear from you soon
Best Regards
[Impersonated Vendor Employee Name]
[Impersonated Vendor Employee Title]
[Impersonated Vendor Name]
[Impersonated Vendor Contact Information]
Attack Screenshots
No items found.
No items found.
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
No items found.
Attack Description
This text-based BEC attack impersonates a vendor/supplier using a spoofed display name, a look-alike domain, and an overdue payment theme to request a fraudulent payment.
Analysis Overview
Tactic
Look-alike Domain
Spoofed Display Name
Goal
Payment Fraud
Impersonated Party
External Party - Vendor/Supplier
Vector
Text-based
Theme
Overdue Payment
Language