"Business Email Compromise: The $50 Billion Scam"
According to the FBI's Internet Crime Complaint Center (IC3), Business Email Compromise (BEC) is a sophisticated scam targeting businesses and individuals performing legitimate transfer-of-funds requests. The scam is often perpetrated when someone compromises legitimate business or personal email accounts through social engineering or computer intrusion to conduct unauthorized fund transfers. BEC is not always associated with a request to transfer funds. BEC attack variations often involve compromising legitimate business email accounts and requesting Personally Identifiable Information (PII), Wage and Tax Statement (W-2) forms, and cryptocurrency wallets from employees. The BEC scam continues to evolve, targeting small local businesses, larger companies, and personal transactions. In 2022, the IC3 observed an increase in the reporting of BEC incidents. BEC attacks have been reported in all 50 states and 177 countries. According to the financial data reported to the IC3 for 2022, banks in Hong Kong and China were the primary international destinations of fraudulent funds. The UK, which often serves as an intermediary stop for funds, Mexico, and Singapore followed. This article continues to discuss the concept of BEC attacks, statistical data on these attacks, and suggestions for protecting against BEC attacks.
HSToday reports "Business Email Compromise: The $50 Billion Scam"