Hackers will these following for data theft, attorney impersonation,
Business E-mail Compromise (BEC) is defined as a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The E-mail Account Compromise (EAC) component of BEC targets individuals that perform wire transfer payments.
The techniques used in the BEC/EAC scam have become increasingly similar, prompting the IC3 to begin tracking these scams as a single crime type in 2017.
Based on IC3 complaints and other complaint data, there are five main scenarios by which this scam is perpetrated.
1: Case of Business Working with a Foreign Supplier
A business that typically has a longstanding relationship with a supplier receives a request to wire funds for an invoice payment to an alternate, fraudulent account. The request is made via telephone, facsimile, or e-mail. If it’s an e-mail, the perpetrator will spoof the e-mail request so it appears similar to a legitimate request. Likewise, requests made via facsimile or telephone call will closely mimic a legitimate request. This particular scenario is called the “Bogus Invoice Scheme,” “Supplier Swindle,” and “Invoice Modification Scheme.”
2: When a Business Executive is Receiving or Initiating a Request for a Wire Transfer
The e-mail accounts of high-level business executives (Chief Financial Officer, Chief Technology Officer, etc.) are compromised. The account is spoofed or hacked. The hacker sends a request for a wire transfer from the compromised account to a second employee within the company. The employee is typically responsible for processing these requests. In some instances, the fraudster sends a request for a wire transfer from the compromised account directly to the financial institution. The instructions are to urgently send funds to bank “X” for reason “Y.” This particular scenario is named “CEO Fraud,” “Business Executive Scam,” “Masquerading,” and “Financial Industry Wire Frauds.”
3: Case of Business Contacts Receiving Fraudulent Correspondence through Compromised E-mail
An employee of a business has his or her personal e-mail hacked. This personal e-mail is used for both personal and business communications. The hacker uses this employee’s personal e-mail to identify multiple vendors from this employee’s contact lists. He then sends requests for invoice payments to fraudster-controlled bank accounts. The business may not become aware of the fraudulent requests until that business is contacted by a vendor to follow up on the status of an invoice payment.
4: Cases of Business Executive and Attorney Impersonation
Victims report being contacted by fraudsters who typically identify themselves as lawyers or representatives of law firms and claim to be handling confidential or time-sensitive matters. This contact may be made via either phone or e-mail. Victims may be pressured by the fraudster to act quickly or secretly in handling the transfer of funds. This type of BEC scam may occur at the end of the business day or work week and be timed to coincide with the close of business of international financial institutions.
5: Data Theft
Fraudulent requests are sent utilizing a business executive’s compromised e-mail. The entities in the business organization responsible for W-2s or maintaining PII, such as the human resources department, bookkeeping, or auditing section, are frequently identified as the targeted recipients of the fraudulent request for W-2 and/or PII. Some of these incidents are isolated and some occur prior to a fraudulent wire transfer request. Victims report they have fallen for this new BEC scenario even if they were able to successfully identify and avoid the traditional BEC scam. This data theft scenario of the BEC scam first appeared just prior to the 2016 tax season.
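For the spoofed-request variants of scenarios 1 and 2, a mail-handling check can flag payment requests for out-of-band verification before anyone acts on them. The following is an added example, not part of the original text; the trusted-domain list, keyword list, flag names and sample messages are all assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumed allow-list: domains of known suppliers and of the company itself.
TRUSTED_DOMAINS = {"acme-supplies.example", "corp.example"}
PAYMENT_TERMS = ("wire", "bank account", "invoice", "payment")

def edit_distance(a, b):
    """Levenshtein distance, used to spot look-alike sender domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def domain_of(header_value):
    """Lower-cased domain of the address in a From/Reply-To header ('' if absent)."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def bec_flags(raw_message):
    """Return the sorted indicators found in one RFC 5322 message string."""
    msg = message_from_string(raw_message)
    sender, reply_to = domain_of(msg["From"]), domain_of(msg["Reply-To"])
    flags = set()
    if sender not in TRUSTED_DOMAINS and any(
            edit_distance(sender, d) <= 2 for d in TRUSTED_DOMAINS):
        flags.add("lookalike-sender-domain")
    if reply_to and reply_to != sender:
        flags.add("reply-to-mismatch")
    body = " ".join(p.get_payload() for p in msg.walk() if not p.is_multipart())
    text = f"{msg['Subject'] or ''} {body}".lower()
    if any(term in text for term in PAYMENT_TERMS):
        flags.add("payment-language")
    return sorted(flags)

def needs_verification(raw_message):
    """Payment request plus a spoofing indicator: verify out of band before paying."""
    flags = bec_flags(raw_message)
    return "payment-language" in flags and len(flags) > 1

# Constructed sample messages (not real traffic).
SPOOFED_SUPPLIER = ("From: Acme Billing <billing@acme-supplles.example>\n"
                    "Subject: Updated bank account for invoice 1042\n\n"
                    "Please wire the payment to our new account.\n")
SPOOFED_EXECUTIVE = ("From: CFO <cfo@corp.example>\nReply-To: cfo@mailbox.example\n"
                     "Subject: Urgent\n\nSend a wire to bank X today.\n")
LEGITIMATE = ("From: Acme Billing <billing@acme-supplies.example>\n"
              "Subject: Invoice 1042\n\nInvoice attached, usual terms.\n")
```

Header checks like these only catch spoofed requests; a request sent from a genuinely hacked account, as in scenario 3, carries legitimate headers and still needs confirmation through a separately known contact.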