Payroll Diversion

Employee - Other

6284097afc831169430420fc 1143237829

Matching Malicious Domain Username

Extended Spoofed Display Name

Personalized Email Subject

Maliciously Registered Domain

Business Email Compromise

Text-based

Hi [Recipient First Name], I am closing my current account and I would like to make changes to myDirect Deposit information with my new Bank account. Can the changes be in effect before the current pay date? Best Regards, [Impersonated Employee Name] Sent from my iPhone

Vendor Impersonation Overdue Payment BEC Attack

Stewart Title Company Real Estate Transaction Fake Document Credential Phishing Attack

Executive Impersonation Payroll Diversion BEC Attack

Polish Executive Impersonation Payment Fraud BEC Attack

Homepage

The Abnormal Attack Vault

Employee Impersonation Payroll Diversion BEC Attack

Breadcrumbs

Discover the tactics, goal, and vector of a real-world email attack blocked by Abnormal Security.

description

https://intelligence.abnormalsecurity.com/attack-vault/employee-impersonation-payroll-diversion-bec-attack-1770451160244270307

referrer

robots

{"title":{"title":"Abnormal Intelligence | Employee Impersonation Payroll Diversion BEC…"}}

This text-based BEC attack impersonates an employee using an extended spoofed display name, a matching malicious domain username, a personalized email subject, and a maliciously registered domain to divert payroll deposits to a fraudulent account.

Subscribe to our monthly newsletter to receive the latest insights from our team directly in your inbox.

Abnormal Intelligence Email Subscribe

Top Bar

New BEC Insights from Chris Krebs, Former Director of CISA

Employee Impersonation Payroll Diversion BEC Attack

Email Content

Subject

Body

Analysis Overview

Type

Vector

Goal

Tactic

Impersonated Party