Since October 2013 there have been more than 17,642 BEC victims so the FBI recommended that businesses be “wary of e-mail-only wire transfer requests and requests involving urgency” and to pick “up the phone and verify legitimate business partners.” The April 4, 2016 alert entitled “FBI Warns of Dramatic Increase in Business E-Mail Scams” included this explanation:
The schemers go to great lengths to spoof company e-mail or use social engineering to assume the identity of the CEO, a company attorney, or trusted vendor.
They research employees who manage money and use language specific to the company they are targeting, then they request a wire fraud transfer using dollar amounts that lend legitimacy.
Victims range from large corporations to tech companies to small businesses to non-profit organizations.
Many times, the fraud targets businesses that work with foreign suppliers or regularly perform wire transfer payments.
Here’s what the FBI recommends if a company has been “victimized by a BEC scam:”
- Contact your financial institution immediately
- Request that they contact the financial institution where the fraudulent transfer was sent
- File a complaint—regardless of dollar loss—with the IC3.
Of course regular training for employees is critical and is a great deterrent to BEC scams.