Ancient Tortoise: A Deeper Look at the Aging Report BEC Attack Chain

Example Ancient Tortoise email requesting a company aging report. (NOTE: Names and persona domains have been changed.)
Ancient Tortoise email targeting aging report customers.
Continued Ancient Tortoise engagement requesting “payment” account.
Original fake invoice.
Invoice modified by Ancient Tortoise.
Sample metadata from a modified Ancient Tortoise invoice.

--

--

--

Agari is the Trusted Email Identity Company™, protecting companies and people from phishing and socially-engineered email attacks.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

The Secure Edge: Daily Round-up of Infosec Blogs #31

The Secure Edge: Daily Round-up of Infosec Blogs — Issue #66

Repelling A Ransomware Attack: Mark Kirstein of Cosant Cyber Security On The 5 Things You Need To…

Repelling A Ransomware Attack: Sagi Berco of NanoLock Security On The 5 Things You Need To Do To…

The Secure Edge: Daily Round-up of Infosec Blogs — Issue #49

How companies handed cybersecurity to their employees… and how to take it back

{UPDATE} Mr. Dog: Scary Story Hack Free Resources Generator

How to vote for the Council?

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Agari

Agari

Agari is the Trusted Email Identity Company™, protecting companies and people from phishing and socially-engineered email attacks.

More from Medium

SFTP Setup using Password and Key based 2FA Authentication

The Option to Migrate off Authy’s Proprietary System

“Madame Bovary, c’est moi!” —

How the technology community has failed the privacy concerns for everyone on it.