Back to All Attacks
Attack Date: June 23, 2022
Vendor Impersonation Account Update BEC Attack
This text-based BEC attack impersonates a vendor/supplier using a hijacked email thread, a look-alike domain, an external compromised account, and an account update theme to request a fraudulent payment.
Email Content
Subject
RE: [Target Company Name] invoice May-22
Body
Hi [Recipient First Name],
Please find attached our updated payment details attached. Kindly note all payment should be made to our chase bank.
Kindly acknowledge receipt and revert in case of any query.
Regards,
AR Team,
[Vendor Company Name]
From:[Vendor Company Name] <[Vendor Email Address]>
Sent:Thursday, June 23, 2022 3:08 PM
To:[Hijacked Thread Original Recipients]
Cc:[Hijacked Thread Original Recipients]
Subject: [Hijacked Thread Subject]
[Hijacked Thread Content]