Uncover the latest attacks sent to our Abnormal customers.
Vendor Impersonated with Hijacked Email Thread to Steal Payments
Subject: “RE: FW: [Hijacked Thread Subject]

Attackers impersonate a vendor using a hijacked email thread and a lookalike domain to request payment for a fraudulent invoice worth nearly $10,000.

Attack Date: June 29, 2022
Payment Inquiry Credential Phishing Attack
Subject: “RE: PO-18009612 Payment Statement

This link-based attack impersonates a vendor/supplier using an external compromised account and a payment inquiry theme to steal credentials.

Attack Date: June 28, 2022
Vendor Impersonation Payment Inquiry Credential Phishing Attack
Subject: “Aged Receivables Status

This text-based attack impersonates a vendor/supplier using a look-alike domain, a spoofed display name, and a payment inquiry theme to steal credentials.

Attack Date: June 27, 2022
Fake Invoice Credential Phishing Attack
Subject: “Paid Invoice for [Vendor Company Name] 6/27/2022

This link-based attack impersonates a vendor/supplier using an external compromised account and a fake invoice theme to steal credentials.

Attack Date: June 27, 2022
Vendor Impersonation Payment Inquiry BEC Attack
Subject: “Re: [Vendor Company Name] - Open Invoice

This text-based BEC attack impersonates a vendor/supplier using a look-alike domain and a payment inquiry theme to request a fraudulent payment.

Attack Date: June 27, 2022
Vendor Impersonation Account Update BEC Attack
Subject: “RE: [Target Company Name] invoice May-22

This text-based BEC attack impersonates a vendor/supplier using a hijacked email thread, a look-alike domain, an external compromised account, and an account update theme to request a fraudulent payment.

Attack Date: June 23, 2022
Vendor Impersonation Account Update BEC Attack
Subject: “Please Advise on payment status

This text-based BEC attack impersonates a vendor/supplier using a look-alike domain, a spoofed display name, and an account update theme to request a fraudulent payment.

Attack Date: June 23, 2022
Vendor Impersonation Account Update BEC Attack
Subject: “[Vendor Company Name]-PAYMENT UPDATE

This text-based BEC attack impersonates a vendor/supplier using a spoofed email address, a look-alike domain, a personalized email subject, and an account update theme to request a fraudulent payment.

Attack Date: June 22, 2022
Vendor Impersonation Account Update BEC Attack
Subject: “Vendor update form

This text-based BEC attack impersonates a vendor/supplier using a look-alike domain, a spoofed display name, and an account update theme to request a fraudulent payment.

Attack Date: June 21, 2022
Vendor Impersonation Account Update BEC Attack
Subject: “Outstanding invoices

This text-based BEC attack impersonates a vendor/supplier using a hijacked email thread, a look-alike domain, a spoofed display name, and an account update theme to request a fraudulent payment.

Attack Date: June 16, 2022
Vendor Impersonation Overdue Payment BEC Attack
Subject: “Over due invoice

This text-based BEC attack impersonates a vendor/supplier using a look-alike domain, a spoofed display name, and an overdue payment theme to request a fraudulent payment.

Attack Date: June 20, 2022
Overdue Payment HTML Attachment Credential Phishing Attack
Subject: “[Recipient Company Domain] Outstanding Invoice(s)

This payload-based attack impersonates a vendor/supplier using an external compromised account, a personalized email subject, and an overdue payment theme to steal credentials.

Attack Date: June 10, 2022
Fake Invoice Credential Phishing Attack
Subject: “INV-11473

This link-based attack impersonates a vendor/supplier using a fake attachment, an external compromised account, and a fake invoice theme to steal credentials.

Attack Date: May 27, 2022
Vendor Impersonation Overdue Payment BEC Attack
Subject: “#329 - Overdue

This text-based BEC attack impersonates a vendor/supplier using a look-alike domain, a spoofed display name, and an overdue payment theme to request a fraudulent payment.

Attack Date: May 23, 2022
Vendor Impersonation Payment Inquiry BEC Attack
Subject: “Re: Fw: Re: PWC LLC: #1691134

This text-based BEC attack impersonates a vendor/supplier using a fake email chain, a look-alike domain, and a payment inquiry theme to request a fraudulent payment.

Attack Date: May 20, 2022
Vendor Impersonation Overdue Payment BEC Attack
Subject: “Re[5]: EUROCONTROL Payment Delays

This text-based BEC attack impersonates a vendor/supplier using a look-alike domain and an overdue payment theme to request a fraudulent payment.

Attack Date: May 19, 2022
Vendor Impersonation Overdue Payment Payment Inquiry BEC Attack
Subject: “OUTSTANDING INVOICE REQUEST

This text-based BEC attack impersonates a vendor/supplier using a spoofed email address, a free webmail account, an overdue payment theme, and a payment inquiry theme to request a fraudulent payment.

Attack Date: May 18, 2022
Vendor Impersonation Overdue Payment BEC Attack
Subject: “Invoice 960201 Overdue.

This text-based BEC attack impersonates a vendor/supplier using a look-alike domain and an overdue payment theme to request a fraudulent payment.

Attack Date: May 19, 2022
Vendor Impersonation Overdue Payment BEC Attack
Subject: “Unpaid Invoice- 992890

This text-based BEC attack impersonates a vendor/supplier using a look-alike domain, a spoofed display name, and an overdue payment theme to request a fraudulent payment.

Attack Date: May 18, 2022
Vendor Impersonation Payment Inquiry Account Update BEC Attack
Subject: “[Impersonated Vendor Company Name] Invoices

This text-based BEC attack impersonates a vendor/supplier using a look-alike domain, a spoofed display name, a payment inquiry theme, and an account update theme to request a fraudulent payment.

Attack Date: May 17, 2022
Vendor Impersonation Overdue Payment BEC Attack
Subject: “re: past due invoice

This text-based BEC attack impersonates a vendor/supplier using a look-alike domain and an overdue payment theme to request a fraudulent payment.

Attack Date: May 18, 2022
Vendor Impersonation Overdue Payment BEC Attack
Subject: “Overdue Account

This text-based BEC attack impersonates a vendor/supplier using a spoofed email address, a look-alike domain, a matching malicious domain username, and an overdue payment theme to request a fraudulent payment.

Attack Date: May 17, 2022
Fake Invoice Credential Phishing Attack
Subject: “[Compromised Third Party Company Name] Inv 41063

This link-based attack impersonates a vendor/supplier using a fake attachment, an external compromised account, and a fake invoice theme to steal credentials.

Attack Date: May 17, 2022
Fake Invoice Word Document Attachment Credential Phishing Attack
Subject: “Invoice for processing

This payload-based attack impersonates a vendor/supplier using an external compromised account and a fake invoice theme to steal credentials.

Attack Date: May 17, 2022
Vendor Impersonation Overdue Payment BEC Attack
Subject: “Due Shipping Bill

This text-based BEC attack impersonates a vendor/supplier using a look-alike domain and an overdue payment theme to request a fraudulent payment.

Attack Date: May 17, 2022
Vendor Impersonation Overdue Payment BEC Attack
Subject: “INV394 - Statement Due

This text-based BEC attack impersonates a vendor/supplier using a maliciously registered domain and an overdue payment theme to request a fraudulent payment.

Attack Date: May 13, 2022
Fake Invoice Word Document Attachment Credential Phishing Attack
Subject: “Outstanding Invoice Paid

This payload-based attack impersonates a vendor/supplier and DocuSign using an external compromised account, a Word Document attachment, and a fake invoice theme to steal credentials.

Attack Date: May 12, 2022
Vendor Impersonation Payment Inquiry BEC Attack
Subject: “Payment Outstanding

This text-based BEC attack impersonates a vendor/supplier using a spoofed email address, a free webmail account, and a payment inquiry theme to request a fraudulent payment.

Attack Date: May 12, 2022
Fake Invoice Link-based Malware Attack
Subject: “Invoice from eRev Inc

This link-based attack impersonates a vendor/supplier using a self-addressed spoofed email and a fake invoice theme to deliver malware.

Attack Date: May 12, 2022
Fake Invoice HTML Attachment Credential Phishing Attack
Subject: “FW: Invoice #15427

This link-based attack impersonates a vendor/supplier using a compromised external account and a fake invoice theme to steal credentials.

Attack Date: May 3, 2022
Vendor Impersonation Overdue Payment BEC Attack
Subject: “Outstanding Invoice

This text-based BEC attack impersonates a vendor/supplier using a spoofed display name, a look-alike domain, and an overdue payment theme to request a fraudulent payment.

Attack Date: May 11, 2022
Vendor Impersonation Account Update BEC Attack
Subject: “[Vendor Name] invoice payment

This text-based BEC attack impersonates a vendor/supplier using a spoofed display name, a look-alike domain, and an account update theme to request a fraudulent payment.

Attack Date: May 10, 2022
Vendor Impersonation Payment Inquiry BEC Attack
Subject: “INVOICE'S DUE/OPEN "UPDATE"

This text-based BEC attack impersonates a vendor/supplier using a spoofed email address, a free webmail account, and a payment inquiry theme to request a fraudulent payment.

Attack Date: May 10, 2022
Vendor Impersonation Overdue Payment Account Update BEC Attack
Subject: “[Impersonated Vendor Name]: Due Invoices

This text-based BEC attack impersonates a vendor/supplier using a spoofed display name, a maliciously registered domain, an overdue payment theme, and an account update theme to request a fraudulent payment.

Attack Date: May 9, 2022
Vendor Impersonation Overdue Payment BEC Attack
Subject: “Outstanding Invoice:. 003880012 Reminder !!!

This text-based BEC attack impersonates a vendor/supplier using a look-alike domain and an overdue payment theme to request a fraudulent payment.

Attack Date: May 9, 2022
Vendor Impersonation Account Update BEC Attack
Subject: “Please Advise on payment status

This text-based BEC attack impersonates a vendor/supplier using display name spoofing, a look-alike domain, and an account update theme to request a fraudulent payment.

Attack Date: May 5, 2022
Vendor Impersonation Payment Inquiry BEC Attack
Subject: “Audit of Accounts

This text-based BEC attack impersonates a vendor/supplier using a free webmail account and a payment inquiry theme to request a fraudulent payment.

Attack Date: May 5, 2022
Vendor Impersonation Overdue Payment BEC Attack
Subject: “BILL

This text-based BEC attack impersonates a vendor/supplier using a maliciously registered domain and an overdue payment theme to request a fraudulent payment.

Attack Date: April 12, 2022
Adobe Fake Document Credential Phishing Attack
Subject: “ACH Remittance

This link-based attack impersonates Adobe using an external compromised account and a fake document theme to steal credentials.

Attack Date: April 7, 2022
Vendor Impersonation Payment Inquiry BEC Attack
Subject: “Invoice Settlement Reminder

This text-based BEC attack impersonates a vendor/supplier using email spoofing, a free webmail account, and a payment inquiry theme to request a fraudulent payment.

Attack Date: May 4, 2022
Vendor Impersonation Account Update BEC Attack
Subject: “[TARGET COMPANY NAME] PO # A482281 for [IMPERSONATED VENDOR NAME]

This text-based BEC attack impersonates a vendor/supplier using a look-alike domain, display name spoofing, and a payment account update theme to request a fraudulent payment.

Attack Date: April 26, 2022
Vendor Impersonation Fake Invoice Credential Phishing Attack
Subject: “Remittance Advice

This link-based attack impersonates a vendor/supplier using a fake attachment, compromised external account, and a fake invoice theme to steal credentials.

Attack Date: May 3, 2022
Vendor Impersonation Fake Email Chain BEC Attack
Subject: “Re: PWC LP: INVOICE# 001691134 PAYMENT DUE

This text-based BEC attack impersonates a vendor/supplier using a fake email chain, display name spoofing, and a look-alike domain to request a fraudulent payment.

Attack Date: May 2, 2022
Vendor Impersonation Payment Inquiry BEC Attack
Subject: “UNPAID INVOICE

This text-based BEC attack impersonates a vendor/supplier using email address spoofing, a free webmail account, an overdue payment theme, and a payment account update theme to request a fraudulent payment.

Attack Date: April 25, 2022
Vendor Impersonation Payment Fraud Overdue Payment Account Update BEC Attack
Subject: “ACH Payment Status

This text-based BEC attack impersonates a vendor/supplier using display name spoofing, a look-alike domain, an overdue payment theme, and a payment account update theme to request a fraudulent payment.

Attack Date: April 29, 2022
Vendor Impersonation Overdue Payment BEC Attack
Subject: “[Impersonated Vendor]: Due Invoices

This text-based BEC attack impersonates a vendor/supplier using display name spoofing, a maliciously registered domain, an overdue payment theme, and a payment account update theme to request a fraudulent payment.

Attack Date: April 27, 2022
Vendor Impersonation Overdue Payment BEC Attack
Subject: “RE:[Impersonated Third Party]:Unpaid Invoice

This text-based BEC attack impersonates a vendor/supplier using display name spoofing a maliciously registered domain, and an overdue payment theme to request a fraudulent payment.

Attack Date: April 25, 2022

Filters

Attack Vector

Attack Goal

Attack Tactic

Impersonated Party

Attack Type

Theme

Impersonated Brand

Attack Language