Back to All Attacks
Attack Details
Attack Date:
Apr 25, 2022
Vendor Impersonation Payment Inquiry BEC Attack
Initial Email Content
Subject
UNPAID INVOICE
Body
Dear Customer,
Greetings and best wishes from us.
Please confirm the status of your Due/Outstanding Invoices for reconciliation purposes with the total amount and corresponding due dates as there has been a new development in our company.
Kindly hold off on payment till you get our new payment information from us.
Thank you in anticipation of your reply.
Best Regards,
[Impersonated Vendor Employee Name]
Accounting Manager
[Impersonated Vendor Website]
Attack Screenshots
No items found.
No items found.
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
No items found.
Attack Description
This text-based BEC attack impersonates a vendor/supplier using email address spoofing, a free webmail account, an overdue payment theme, and a payment account update theme to request a fraudulent payment.
Analysis Overview
Tactic
Spoofed Email Address
Free Webmail Account
Goal
Payment Fraud
Impersonated Party
External Party - Vendor/Supplier
Vector
Text-based
Theme
Payment Inquiry
Language