US Moves Against BEC Fraud

News

A workers’ union in Massachusetts received last year an email purportedly from an employee of an investment consulting firm, requesting a payment change. The address looked legitimate and off went US$6.4 million to a fraudulent account.

June 7, 2024

The email address turned out to be spoofed and now the United States launched a civil forfeiture action, aiming to reclaim the proceeds from the so-called ‘targeted business email compromise’ (BEC) scheme.

The fraudulently acquired funds were apparently funneled through a network of intermediary bank accounts, with portions diverted or attempted to be funneled to a cryptocurrency exchange and multiple bank accounts across international destinations, including Hong Kong, China, Singapore, and Nigeria, according to the statement.

“BEC fraud schemes present a serious threat to businesses and individuals nationwide, causing significant financial and emotional harm to victims by exploiting trusted communication channels they rely upon every day,” said Acting U.S. Attorney Joshua S. Levy.

The sophisticated fraud scheme targets businesses that use wire transfers as a form of payment. Mainly those would be large global corporations, governments, but also individuals. The current global daily losses are estimated at approximately $8 million, according to the U.S. Secret Service.

Just on Wednesday, Italian and U.S. authorities together uncovered a major international fraud scheme employing the BEC technique and targeting an Italian and a U.S. company that supplied travertine products to a $1.4 million temple renovation project in New York.

The investigation began after the Italian company alerted the Postal Police and Cyber Security Service after the U.S. company, believing it was paying the Italian supplier, transferred $700,000—half the total amount—to a fraudulent bank account.

In reality, both companies fell victim to a BEC attack, where cybercriminals took control of their email accounts, uncovering sensitive details about orders and financial transactions.

According to police, the hackers infiltrated the email communications and swapped the legitimate international bank account numbers (IBAN) with their own, redirecting the payments.

As a result of the joint operation, authorities identified a money mule orchestrating the transfer of stolen funds to multiple accounts as directed by the cyber scammers. The investigation in the U.S. is ongoing and seeks to apprehend additional suspects and recover the remaining funds.