Payroll Diversion

Employee - Other

628517c17d6f90c0fafdd523 699974006

Maliciously Registered Domain

Spoofed Display Name

Business Email Compromise

Text-based

I can access the employee portal but I keep getting an error message every time I try to modify my direct deposit information. Can I just forward you a voided check or my new account details for you to update before the next pay circle.   [Impersonated Employee Name] [Impersonated Employee Title]  [Target Company Name]

Executive Impersonation Payroll Diversion BEC Attack

German Legal Matter PDF Attachment Extortion Attack

Executive Impersonation Overdue Payment Legal Matter Payment Fraud BEC Attack

Fake Invoice Word Document Attachment Credential Phishing Attack

Homepage

The Abnormal Attack Vault

Employee Impersonation Payroll Diversion BEC Attack

Breadcrumbs

Discover the tactics, goal, and vector of a real-world email attack blocked by Abnormal Security.

description

https://intelligence.abnormalsecurity.com/attack-vault/employee-impersonation-payroll-diversion-bec-attack-6196020334223023477

referrer

robots

{"title":{"title":"Abnormal Intelligence | Employee Impersonation Payroll Diversion BEC…"}}

This text-based BEC attack impersonates an employee using a spoofed display name and a maliciously registered domain to divert payroll deposits to a fraudulent account.

Subscribe to our monthly newsletter to receive the latest insights from our team directly in your inbox.

Abnormal Intelligence Email Subscribe

Top Bar

New BEC Insights from Chris Krebs, Former Director of CISA

Employee Impersonation Payroll Diversion BEC Attack

Email Content

Subject

Body

Analysis Overview

Type

Vector

Goal

Tactic

Impersonated Party