Payroll Diversion

Employee - Other

62b3751f8ed5adda9723dd28 1312745489

Maliciously Registered Domain

Spoofed Display Name

Business Email Compromise

Text-based

I can access the employee portal but I keep getting an error message every time I try to modify my direct deposit information. Can I just forward you a voided check or my new account details for you to update before the next pay circle.   [Impersonated Employee Name]  [Impersonated Employee Title] [Target Company Name]

Matrix Debt Relief Debt Collection Legal Matter Fake Billing Scam

PayPal Cryptocurrency Fake Payment Receipt Fake Billing Scam

FedEx Secure Message HTML Attachment Credential Phishing Attack

Vendor Impersonation Overdue Payment BEC Attack

Homepage

The Abnormal Attack Vault

Employee Impersonation Payroll Diversion BEC Attack

Breadcrumbs

Discover the tactics, goal, and vector of a real-world email attack blocked by Abnormal Security.

description

https://optimise2.assets-servd.host/gifted-zorilla/production/images/og-images/ABN-Homepage-Open-Graph-Image_L4R1.png?w=1200&h=630&q=82&auto=format&fit=crop&dm=1659982403&s=8f0a1398bd4d5ac0d88ad2c47f5be2f7

https://intelligence.abnormalsecurity.com/attack-vault/employee-impersonation-payroll-diversion-bec-attack-6645525170010882957

referrer

robots

twitter:card

twitter:creator

twitter:description

https://optimise2.assets-servd.host/gifted-zorilla/production/images/og-images/ABN-Homepage-Open-Graph-Image_L4R1.png?w=800&h=418&q=82&auto=format&fit=crop&dm=1659982403&s=d6850573d7b6852416a45e149d8cddd0

twitter:image

twitter:image:height

twitter:image:width

twitter:title

{"title":{"title":"Abnormal | Employee Impersonation Payroll Diversion BEC Attack"}}

This text-based BEC attack impersonates an employee using a maliciously registered domain and a spoofed display name to divert payroll deposits to a fraudulent account.

Subscribe to our monthly newsletter to receive the latest insights from our team directly in your inbox.

Abnormal Intelligence Email Subscribe

Top Bar

New BEC Insights from Chris Krebs, Former Director of CISA

Employee Impersonation Payroll Diversion BEC Attack

Email Content

Subject

Body

Analysis Overview

Type

Vector

Goal

Tactic

Impersonated Party