On September 10, the DOJ announced a coordinated effort with the U.S. Department of Homeland Security, the U.S. Department of the Treasury, the U.S. Postal Inspection Service, and the U.S. Department of State, against a series of Business Email Compromise (BEC) scams. The effort was conducted over a four-month period, resulting in the seizure of nearly $3.7 million and the arrest of 281 individuals in the U.S. and overseas, including 167 in Nigeria, 18 in Turkey and 15 in Ghana, along with arrests in France, Italy, Japan, Kenya, Malaysia, and the U.K. According to the DOJ, “BEC, also known as ‘cyber-enabled financial fraud,’ is a sophisticated scam often targeting employees with access to company finances and businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments.” BEC scams can involve requests for paper checks and may not actually “compromise” an email account or computer network. The DOJ notes that many BEC scams are perpetrated by foreign citizens, who are often members of transnational criminal organizations.
As previously covered by InfoBytes, the Financial Crimes Enforcement Network (FinCEN), in July, discussed efforts designed to restrict and impede Business Email Compromise (BEC) scammers and other illicit actors who profit from email compromise fraud schemes and issued an updated advisory, providing general trends in BEC schemes, information concerning the targeting of non-business entities, and risks associated with the targeting of vulnerable business processes.