Payment Fraud

External Party - Vendor/Supplier

62b5ff15d50d8f586f33c557 355989043

Personalized Email Subject

Look-alike Domain

Spoofed Email Address

Account Update

Business Email Compromise

Text-based

Good Morning, As of 06/17/22, we have transitioned from Bank Of America to our Chase Bank. We are still receiving lock box/ACH payments into the Bank Of America account which will be permanently closed as of 06/27/22. Please confirm that you have updated your records to reflect the correct banking information listed in the letter attached. Sorry for any inconveniences this might cause. Thanks! [Vendor Employee Name][Vendor Employee Title][Vendor Company Name]

Employee Impersonation Employee Incentive Gift Card Request BEC Attack

Executive Impersonation Aging Report Theft BEC Attack

Employee Impersonation Payroll Diversion BEC Attack

Fake Document Link-based Malware Attack

Homepage

The Abnormal Attack Vault

Vendor Impersonation Account Update BEC Attack

Breadcrumbs

Discover the tactics, goal, and vector of a real-world email attack blocked by Abnormal Security.

description

https://intelligence.abnormalsecurity.com/attack-vault/vendor-impersonation-account-update-bec-attack-2546541790943971255

referrer

robots

{"title":{"title":"Abnormal Intelligence | Vendor Impersonation Account Update BEC Attack"}}

This text-based BEC attack impersonates a vendor/supplier using a spoofed email address, a look-alike domain, a personalized email subject, and an account update theme to request a fraudulent payment.

Subscribe to our monthly newsletter to receive the latest insights from our team directly in your inbox.

Abnormal Intelligence Email Subscribe

Top Bar

New BEC Insights from Chris Krebs, Former Director of CISA

Vendor Impersonation Account Update BEC Attack

Email Content

Subject

Body

Analysis Overview

Type

Vector

Goal

Tactic

Theme

Impersonated Party