Payroll Diversion

Employee - Executive

6282ac76dd02aafb59994ae4 1584999599

Personalized Email Subject

Maliciously Registered Domain

Spoofed Display Name

Business Email Compromise

Text-based

Trust you're good? I need to change my direct deposit for payroll. My present account on file is no longer active. I’m putting in a replacement account. You will probably be needing my new account and routine numbers? Kind Regards [Executive First Name]

Chase Fake Payment Receipt Credential Phishing Attack

IRS Fake Document PDF Attachment Credential Phishing Attack

Vendor Impersonation Overdue Payment BEC Attack

Wix Suspended Account Credential Phishing Attack

Homepage

The Abnormal Attack Vault

Executive Impersonation Payroll Diversion BEC Attack

Breadcrumbs

Discover the tactics, goal, and vector of a real-world email attack blocked by Abnormal Security.

description

https://intelligence.abnormalsecurity.com/attack-vault/executive-impersonation-payroll-diversion-bec-attack-2524522027247950416

referrer

robots

{"title":{"title":"Abnormal Intelligence | Executive Impersonation Payroll Diversion BEC…"}}

This text-based BEC attack impersonates an executive using a personalized email subject, a spoofed display name, and a maliciously registered domain to divert payroll deposits to a fraudulent account.

Subscribe to our monthly newsletter to receive the latest insights from our team directly in your inbox.

Abnormal Intelligence Email Subscribe

Top Bar

New BEC Insights from Chris Krebs, Former Director of CISA

Executive Impersonation Payroll Diversion BEC Attack

Email Content

Subject

Body

Analysis Overview

Type

Vector

Goal

Tactic

Impersonated Party