Back to All Attacks
Attack Date: May 18, 2022
Vendor Impersonation Overdue Payment BEC Attack
This text-based BEC attack impersonates a vendor/supplier using a look-alike domain and an overdue payment theme to request a fraudulent payment.
Email Content
Subject
re: past due invoice
Body
Hello Dealer/Distributor,
I am one of the auditors for [Impersonated Vendor Company Name]. We are currently in the middle of the financial statement audit for the year ended 2021/2022 and would like to inquire regarding any outstanding payment/due invoice with the Company, and if you do, how much is the due/outstanding payment and when is the payment due date?
Also if you have not paid yet, kindly hold off with the payment for our further instructions.
Awaiting your email response.
Best Regards,
[Impersonated Vendor Employee Name]
Accounts Receivables
[Impersonated Vendor Company Name]
[Impersonated Vendor Company Address]