AP received 'updated wire details' invoice from longstanding vendor — sender domain is one-letter look-alike, $48,250 payment scheduled tomorrow
A medium Cybersecurity scenario on Business Email Compromise (Vendor Invoice).
Start a graded attempt against this scenario. Your response is scored by the same deterministic rubric used across the catalog. Email and evidence content stay hidden until you start.
Launches this exact scenario. One of 5 templates in this Track + Difficulty pool.
catalog id · business-email-compromise-vendor-invoice
What this scenario practices, mapped to recognized frameworks.
Educational mapping only. Not a compliance attestation.
- Vendor-invoice fraud recognition
- Out-of-band verification discipline
- Phishing · Initial AccessT1566 · TA0001MappedHigh confidence
Trains BEC-style vendor impersonation recognition.
- User Behavior AnalysisD3-UBAMappedHigh confidence
Trains behavioral baselines for finance-team request flows.
- Communications · RespondRS.CO · RSMappedHigh confidence
Trains stakeholder-communication discipline under fraud pressure.
- IR lifecycle phaseDetection & AnalysisMappedHigh confidence
Trains triage of vendor-invoice anomalies.
- IR lifecycle phaseContainment, Eradication & RecoveryMappedHigh confidence
Trains finance-pause and out-of-band-verify workflow.
- Email Security2.JMappedHigh confidence
Trains the email-security baseline for spoof-resistant flows.
- Phishing-Resistant MFA2.EMappedMedium confidence
Trains MFA discipline behind mailbox compromise prevention.
- Email and Web Browser ProtectionsControl 9MappedHigh confidence
Trains the email-protection control the scenario exercises.
- Security Awareness and Skills TrainingControl 14MappedHigh confidence
Trains the awareness baseline for finance-team handling.