Back to All Attacks
Attack Date: May 17, 2022
Vendor Impersonation Payment Inquiry Account Update BEC Attack
This text-based BEC attack impersonates a vendor/supplier using a look-alike domain, a spoofed display name, a payment inquiry theme, and an account update theme to request a fraudulent payment.
Email Content
Subject
[Impersonated Vendor Company Name] Invoices
Body
Hi,
Do we have an anticipated payment date for our invoices?.
[Vendor Employee Name]
[Vendor Employee Title]
[Vendor Company Name]
[Vendor Contact Information]
------------
Good morning [Recipient First Name],
Thank you for your email.
Could you please confirm invoice number and amount?. We are in the process of changing banks and would stop accepting check payments as well, we are applying payments manually.
Thank you,
[Vendor Employee Name]
[Vendor Employee Title]
[Vendor Company Name]
[Vendor Contact Information]