Hackers Impersonate Execs to Execute Financial Fraud Scams in Two-Way Attack: Armorblox
Armorblox has released its latest research, a deep dive into a new two-way attack dubbed VIP Invoice Authentication Fraud, which helps bad actors carry out financial fraud, specifically payment fraud, against target organizations. In this attack, bad actors put a new twist on executive impersonation and executive email domain spoofing tactics: by seemingly including the victim’s boss, they further exploit the victim’s trust and sense of urgency to get the request, payment of a fake invoice, executed quickly.
How it works: In the first part of this attack, the bad actor sends an email to both the victim and their “boss” (via a spoofed email address), pretending to be a legitimate company or individual and asking end users to pay an invoice. In the second part of the attack, the bad actor replies to the email thread, using the spoofed domain account to impersonate the victim’s boss and instruct the victim to pay the invoice as soon as possible.
You can read the research here.
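For defenders, the two-step pattern described above can be checked at the thread level. The following is an added example, not code from Armorblox or from this post: it assumes the spoofed "boss" address sits on a look-alike of the organization's domain, and the domain names, the similarity threshold and the sample messages are all constructed for illustration.

```python
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import getaddresses, parseaddr

ORG_DOMAIN = "corp.example"  # assumed domain of the protected organization

def domain_of(addr):
    return addr.rsplit("@", 1)[-1].lower()

def is_lookalike(domain, org=ORG_DOMAIN, threshold=0.8):
    """True for a domain that resembles, but is not, the organization's own."""
    return domain != org and SequenceMatcher(None, domain, org).ratio() >= threshold

def find_two_way_threads(raw_messages):
    """Return Message-IDs of replies sent from a look-alike address that an
    earlier external email had placed in To/Cc next to a real employee."""
    seeded = {}  # Message-ID of step-1 email -> look-alike addresses it copied
    hits = []
    for raw in raw_messages:
        msg = message_from_string(raw)
        sender = parseaddr(msg.get("From", ""))[1].lower()
        rcpts = [a.lower() for _, a in
                 getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))]
        mid = msg.get("Message-ID", "").strip()
        parent = msg.get("In-Reply-To", "").strip()
        # Step 2: the copied look-alike "boss" replies on the same thread.
        if sender in seeded.get(parent, ()):
            hits.append(mid)
        # Step 1: external sender addresses an employee and a look-alike together.
        fakes = {a for a in rcpts if is_lookalike(domain_of(a))}
        has_employee = any(domain_of(a) == ORG_DOMAIN for a in rcpts)
        if fakes and has_employee and domain_of(sender) != ORG_DOMAIN:
            seeded[mid] = fakes
    return hits

# Constructed sample thread (all names and domains are made up).
SAMPLE = [
    "Message-ID: <1@vendor-billing.test>\nFrom: AR <ar@vendor-billing.test>\n"
    "To: pat@corp.example\nCc: Dana Boss <dana@c0rp.example>\n"
    "Subject: Invoice 1001\n\nPlease pay the attached invoice.",
    "Message-ID: <2@c0rp.example>\nIn-Reply-To: <1@vendor-billing.test>\n"
    "From: Dana Boss <dana@c0rp.example>\nTo: pat@corp.example\n"
    "Subject: Re: Invoice 1001\n\nPlease pay this as soon as possible.",
    "Message-ID: <3@corp.example>\nIn-Reply-To: <1@vendor-billing.test>\n"
    "From: Dana Boss <dana@corp.example>\nTo: pat@corp.example\n"
    "Subject: Re: Invoice 1001\n\nIs this one of ours?",
]

if __name__ == "__main__":
    print(find_two_way_threads(SAMPLE))
```

The reply from the real `corp.example` address is not flagged, because only senders that the first email introduced on a look-alike domain count as a match.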
This entry was posted on May 16, 2023 at 9:00 am and is filed under Commentary with tags Armorblox.