Vendor Impersonation Payment Inquiry BEC Attack
Initial Email Content
Hello,
Our payment record file shows that there is an outstanding payment that is overdue with you. Can you confirm to us the status of our outstanding and due payments? Please get back to us at the earliest with the total amount outstanding with corresponding due dates and invoices respectively.
We would appreciate it if you could check this out on your end and If the payment has already been sent, please kindly notify us but put a hold on any due payments because of recent changes in our company details.
Kind regards,
[Vendor Employee Title]
[Vendor Company Name].
[Vendor Contact Information]
Attack Screenshots
Malicious Artifacts
Additional Indicators of Compromise
Type
Description
Attack Description
This text-based BEC attack impersonates a vendor/supplier using a spoofed email address, a free webmail account, and a payment inquiry theme to request a fraudulent payment.