Back to All Attacks
Attack Details
Attack Date:
May 4, 2022
Vendor Impersonation Payment Inquiry BEC Attack
Initial Email Content
Subject
Invoice Settlement Reminder
Body
Hello,
We want to update our accounting record for the previous months till date which has not yet been balanced. We are currently looking to clear all outstanding, due and open invoices and would like to request an up-to-date statement of our account showing all unpaid and outstanding invoices for our reference.
Please send us as a reminder a copy of the invoice or the unpaid balance with the due dates for accounting purposes and do not make any payment without notifying us for confirmation.
Best regards,
[VENDOR EMPLOYEE NAME]
CFO
Attack Screenshots
No items found.
No items found.
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
No items found.
Attack Description
This text-based BEC attack impersonates a vendor/supplier using email spoofing, a free webmail account, and a payment inquiry theme to request a fraudulent payment.
Analysis Overview
Tactic
Spoofed Email Address
Free Webmail Account
Goal
Payment Fraud
Impersonated Party
External Party - Vendor/Supplier
Vector
Text-based
Theme
Payment Inquiry
Language