Back to All Attacks
Attack Details
Attack Date:
May 5, 2022
Vendor Impersonation Payment Inquiry BEC Attack
Initial Email Content
Subject
Audit of Accounts
Body
Hello
Please we want to audit/close the book of accounting for the period ended 2021 and March 2022. We would like to know if you/your company owes us any outstanding payments till date. If you do, how much is it and when is the payment due date?
Also if you have not paid yet, kindly hold off with the payment.
Your immediate response will be highly appreciated.
Kind Regards,
[Impersonated Vendor Employee Name]
Accounts Receivable
[Impersonated Vendor Company Name].
Attack Screenshots
No items found.
No items found.
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
No items found.
Attack Description
This text-based BEC attack impersonates a vendor/supplier using a free webmail account and a payment inquiry theme to request a fraudulent payment.
Analysis Overview
Tactic
Free Webmail Account
Goal
Payment Fraud
Impersonated Party
External Party - Vendor/Supplier
Vector
Text-based
Theme
Payment Inquiry
Language