Back to All Attacks
Attack Date: May 17, 2022
Employee Impersonation Payroll Diversion BEC Attack
This text-based BEC attack impersonates an employee using a spoofed display name and a maliciously registered domain to divert payroll deposits to a fraudulent account.
Email Content
Subject
Stub
Body
I can access the employee portal but I keep getting an error message every time I try to modify my direct deposit information. Can I just forward you a voided check or my new account details for you to update before the next pay circle.
[Impersonated Employee Name]
[Impersonated Employee Title]
[Target Company Name]