IC3 and FBI warn about Business Email Compromise aka Wire Payment Scam

IC3 and FBI warn about a significant increase of cases related to Business Email Compromise, nearly 2,000 individuals were victims of a wire payment scam.

According to an online statement from the Internet Crime Complaint Center (IC3) and the FBI, nearly 2,000 individuals were victims of a wire payment scam that was extended to 45 countries and led to an estimated loss of $215 million.

In response to the wire payment scam law enforcement to issue a widespread warning about a large scale operation that is tricking employees at both small and large businesses, and for this reason called the Business Email Compromise.

“The Business Email Compromise (BEC) is a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. Formerly known as the Man-in-the-E-mail Scam, the BEC was renamed to focus on the “business angle” of this scam and to avoid confusion with another unrelated scam.” reports the statement.

According to the statement, the illegal activities run at least in a two-month period (From 10/01/2013 to 12/01/2014) during which cyber criminals posing as suppliers or business partners of a targeted firm and requested funds transferred to a fraudulent account in order to process an invoice or other form of payment.

The Asian countries, China and Hong Kong above all, are the places where are located banks used as ending destination for these fraudulent transfers. The criminal crews behind the “Business Email Compromise” were asking fund transfers via an email or telephone call.

The official statistics regarding Business Email Compromise published by IC3 are reported below:

Total U.S. victims: 1198
Total U.S. dollar loss: $179,755,367.08
Total non-U.S. victims: 928
Total non-U.S. dollar loss: $35,217,136.22
Combined victims: 2126
Combined dollar loss: $214,972,503.30

The fraud scheme is very simple, busy employees received a request to transfer funds by representatives of high management of their company.

It is clear that businesses and personnel using open source e-mail are most targeted by Business Email Compromise, in many cases the criminals spoofed e-mails of individuals within enterprises who are entitled to submit such payment requests.

Individuals responsible for handling wire transfers within a specific companies are privileged targets of criminals which compose well-worded e-mail requests for a wire transfer.

The attacker behind Business Email Compromise scams shows a deep knowledge of their victims, their requests are proportional to the economic capabilities of the target and of the specific individual used as the sender of the request. The criminals sent e-mails concurrently with business travel dates for executives whose e-mails were spoofed.

The statement reported three different versions of the Business Email Compromise based on complaints received since 2009:

Version 1
A business, which often has a long standing relationship with a supplier, is asked to wire funds for invoice payment to an alternate, fraudulent account. This particular version has also been referred to as “The Bogus Invoice Scheme,” “The Supplier Swindle,” and “Invoice Modification Scheme.”

Version 2
The e-mail accounts of high-level business executives (CFO, CTO, etc) are compromised. The account may be spoofed or hacked. A request for a wire transfer from the compromised account is made to a second employee within the company who is normally responsible for processing these requests. This particular version has also been referred to as “CEO Fraud,” “Business Executive Scam,” “Masquerading,” and “Financial Industry Wire Frauds.”

Version 3
An employee of a business has his/her personal e-mail hacked. Requests for invoice payments to fraudster-controlled bank accounts are sent from this employee’s personal e-mail to multiple vendors identified from this employee’s contact list. The business may not become aware of the fraudulent requests until they are contacted by their vendors to follow up on the status of their invoice payment.

It is very important that business employees are informed about Business Email Compromise, I suggest you to carefully read the suggestions for protections reported in the online statement from the Internet Crime Complaint Center (IC3) and the FBI.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Business Email Compromise, cybercrime)

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.