Back to All Attacks
Attack Details
Attack Date:
Apr 25, 2022
Vendor Impersonation Overdue Payment BEC Attack
Initial Email Content
Subject
RE:[Impersonated Third Party]:Unpaid Invoice
Body
Hello,
Can you please confirm with your accounting department if there's any due/unpaid invoices owed to our company, as we are currently switching to a new accounting software and a couple of invoices are missing? We apologize for the inconvenience, kindly attach any due/unpaid invoices with this email. I'll appreciate it if all concerned people treat this as urgent. Thanks.
Regards,
[Impersonated Vendor ExecutiveName]
Chief Executive Officer
[Impersonated Vendor Company]
[Impersonated Vendor Address]
Attack Screenshots
No items found.
No items found.
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
No items found.
Attack Description
This text-based BEC attack impersonates a vendor/supplier using display name spoofing a maliciously registered domain, and an overdue payment theme to request a fraudulent payment.
Analysis Overview
Tactic
Spoofed Display Name
Maliciously Registered Domain
Goal
Payment Fraud
Impersonated Party
External Party - Vendor/Supplier
Vector
Text-based
Theme
Overdue Payment
Language