Back to All Attacks
Attack Date: May 13, 2022
Vendor Impersonation Overdue Payment BEC Attack
This text-based BEC attack impersonates a vendor/supplier using a maliciously registered domain and an overdue payment theme to request a fraudulent payment.
Email Content
Subject
INV394 - Statement Due
Body
Hello,
We have tried contacting you on numerous occasions regarding the following unpaid invoice which is now over 30 days overdue: INV934
This matter has now reached a critical point and we require immediate payment of this amount to avoid further action. Please contact me immediately to advise when we can expect payment of this outstanding amount.
Thanks in advance for your understanding and cooperation.
Thank you,
[Vendor Employee Name] | [Vendor Employee Title] | [Vendor Company Name]
[Vendor Contact Information]