According to the FBI, Business Email Compromise (BEC for short, or CEO/CFO impersonation fraud) have caused at least USD 3.1 billion in total losses to over 22,000 enterprises around the world.
The FBI defines BEC as a sophisticated email scam that targets businesses working with foreign partners that regularly perform overseas wire transfer payments.
The BEC schemes come in different variations but generally the modus operandi is as follows:
- Cyber criminals use phishing emails and social engineering techniques to gain access to the email accounts and various systems of executives or companies.
- The cyber criminals will identify who the CEO/CFO is or the individual within the company that has authority to transfer funds, as well as the schedules of these executives, i.e., when they would be on business trips or vacation.
- The cyber criminals will then spoof the CEO/CFO’s email accounts or pretend to be the CEO/CFO by email and send instructions to responsible company personnel to effect a fund transfer to an overseas bank account.
- The cyber criminals may also pretend to be a business partner and ask the company to send funds to a new bank account (the fraudulent bank account) by indicating that due to administrative need or tax or audit purposes, they have used a new bank account to receive money for business transactions.
- Upon reaching the criminals’ bank account, the funds are quickly transferred through a number of additional bank accounts to frustrate any attempts to freeze or trace the funds.
Banks in Hong Kong and China are the most commonly reported ending destinations for these fraudulent transfers.
If you are hit by a BEC, the key to recovering the scammed monies is to trace and catch the funds before they have been transferred on. Here are some tips:
- Immediately notify the remitting bank and see if it can contact the correspondent bank or the bank that is receiving the wire transfer to hold and/or to refund the money and to put those banks on notice that they are dealing with the proceeds of crime;
- Immediately report the matter to the FBI and the local law enforcement agencies in the receiving jurisdiction;
- Bringing legal counsel into the picture as soon as possible to maximize the chance of freezing the money by liaising with the law enforcement agencies and the banks, and seek Court intervention for asset freezing orders and to pursue the fraudulent bank accounts that have received the money;
- Consider contacting the insurer if the company has any risk, theft or cyber insurance coverage.