Companies should take notice of a new fraud scheme that has been making the rounds, targeting businesses that regularly make wire transfers. Known as the "Business E-mail Compromise," or BEC, this scam targets employees responsible for wiring money, instructing them under false pretenses to wire large sums to fraudulent accounts. The Federal Bureau of Investigation estimates that the scam has claimed over 2,000 victims and resulted in losses totaling nearly $215 million since October 2013.
In one version of the BEC fraud, the e-mail accounts of high-level business executives (CEO, CFO, CTO, etc.) are compromised by the creation of spoof e-mail addresses. The imposters then use the compromised executive's e-mail account to send a request for a wire transfer to a second employee within the company who is responsible for processing such requests. This version of the scheme has been referred to as "CEO Fraud" or the "Business Executive Scam."
In another variation of the scam, businesses which have a long-standing relationship with a particular supplier or vendor (i.e. a landlord) receive a spoofed e-mail purportedly from that vendor directing the business to wire funds for invoice payment to an alternate, fraudulent account. This version of the scheme has been referred to as "The Bogus Invoice Scheme" or "The Supplier Swindle."
Are you prepared to detect and prevent a BEC fraud? Asking yourself and your teams the following questions may help:
If you answered “no” to any of these questions or would like additional information, please contact us.
More information about the fraud is available from the Internet Crime Complaint Center (IC3), a partnership of the FBI and the National White Collar Crime Center.