The Internet Crime Complaint Center (IC3), a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C), warns the public about a Business E-mail Compromise (BEC) scam in its recent Public Service Announcement (PSA).
According to IC3, the BEC is a sophisticated scam that targets businesses that work with foreign suppliers and/or businesses that perform wire transfers. This global scam has affected subjects and victims in many countries, including victims in every U.S. state and 45 countries.
What you need to know
What makes this scam so detrimental is the fraudulent wire transfer payments, sent as a result of this scam, are sent to foreign banks and may be transferred several times and quickly dispersed without the victim’s knowledge. The PSA details the amount of money lost to this scam, with a total loss of over $214 million.
BEC victims range from small to large businesses, including purchasers and/or suppliers of goods such as textiles, furniture, food and pharmaceuticals. This PSA also specifically warns attorneys of an “Attorney Check Scam” that is being linked to the BEC scam.
Based on IC3 complaints on other complaint data, IC3 has provided a list of common versions of the scam and common characteristics, which include, but are not limited to:
- Businesses and personnel using open source e-mail are most targeted
- Individuals at the business responsible for handling wire transfers are targeted
- Spoofed emails very closely mimic a legitimate email
- The phrases “code to admin expenses” or “urgent wire transfer” were reported by victims in some of the fraudulent e-mail requests
What you can do to make sure you don’t get scammed
IC3 warns businesses to be aware of ‘sudden changes in business practices.’ Companies should avoid free web-based emails by establishing a company web site domain and use that to establish company email accounts. Employees should be careful what is posted on social meeting, with special attention to not posting job duties/descriptions, hierarchal information and out-of-office details.
IC3 encourages businesses to file complaints with IC3 if you feel that your business has been targeted. Details of the complaint process can be found in the PSA.
Latest posts by admin (see all)
- Clearwater Compliance Offers Virtual Chief Information Security Officer to Help Hospitals Stay Ahead of Cyber Threats - March 20, 2018
- Cleveland Clinic’s Charles Kolodkin and Clearwater’s Bob Chaput Share Crucial Steps in Developing a Hospital Cyber Risk Management Strategy - March 6, 2018
- Clearwater Compliance Offers Webinar with Former OCR Top HIPAA Leader Iliana Peters - March 1, 2018