Payment Fraud

External Party - Vendor/Supplier

62b9ef98f3be5830e06daa13 1105336673

62b9ef98f3be582a966daa14 2070972217

Hijacked Email Thread

Look-alike Domain

External Compromised Account

Account Update

Business Email Compromise

Text-based

Hi [Recipient First Name], Please find attached our updated payment details attached. Kindly note all payment should be made to our chase bank. Kindly acknowledge receipt and revert in case of any query. Regards, AR Team, [Vendor Company Name] From:[Vendor Company Name] &lt;[Vendor Email Address]&gt;Sent:Thursday, June 23, 2022 3:08 PMTo:[Hijacked Thread Original Recipients]Cc:[Hijacked Thread Original Recipients]Subject: [Hijacked Thread Subject] [Hijacked Thread Content]

Executive Impersonation Payment Fraud BEC Attack

Vendor Impersonation Account Update BEC Attack

Executive Impersonation Mergers & Acquisitions Payment Fraud BEC Attack

Executive Impersonation New Vendor Payment Fraud BEC Attack

Homepage

The Abnormal Attack Vault

Breadcrumbs

Discover the tactics, goal, and vector of a real-world email attack blocked by Abnormal Security.

description

https://intelligence.abnormalsecurity.com/attack-vault/vendor-impersonation-account-update-bec-attack-2527173684105555180

referrer

robots

{"title":{"title":"Abnormal Intelligence | Vendor Impersonation Account Update BEC Attack"}}

This text-based BEC attack impersonates a vendor/supplier using a hijacked email thread, a look-alike domain, an external compromised account, and an account update theme to request a fraudulent payment.

Subscribe to our monthly newsletter to receive the latest insights from our team directly in your inbox.

Abnormal Intelligence Email Subscribe

Top Bar

New BEC Insights from Chris Krebs, Former Director of CISA

Vendor Impersonation Account Update BEC Attack

Email Content

Subject

Body

Analysis Overview

Type

Vector

Goal

Tactic

Theme

Impersonated Party