FBI Details Evolving Sophistication Of BEC Scammers

The FBI has once again sounded the alarm on the proliferation of digital fraud like ransomware and the business email compromise (BEC) scam, releasing new stats on the financial damage such criminal activity has caused in the U.S. in recent years.

The continually surging danger of cyberattacks can be attributed to the ever-evolving nature of these criminals, the FBI recently told The Wall Street Journal, pointing to the steady climb of financial losses related to the BEC scam.

“Now, the actors involved are a lot more sophisticated and share intelligence and organized networks,” said Michael Driscoll, who is the special agent in charge of cyber-and-counterintelligence at the FBI’s New York unit.

Offering an example of the evolving sophistication, the FBI pointed to new spins on the BEC, with one of the most recent involving scammers not mimicking suppliers or corporate executives, but a company’s own CEO to steal funds from the payroll department.

In another iteration, DLA Piper Law Firm partner Edward McAndrew told the publication that criminals will hack into a company’s email server and identify which executives’ email addresses they can spoof to trick unsuspecting employees.

“This is no longer a situation where some person who wasn’t paying close attention got duped,” he said.

Below, PYMNTS breaks down the data behind the latest stories in B2B payments fraud, including cyberattacks, the Business Email Compromise, invoice fraud and more.

3 individuals were arrested in India for an invoice fraud scam, according to CNBCTV reports this week. The individuals are accused of establishing 17 fake companies that sent out invoices to other businesses without actually providing goods and services. Reports said the accused reportedly were able to file tax refund claims with the fraudulent invoices to the tune of $1.5 million, a reflection of how B2B invoices can be used to defraud government entities, too.

$276,000 was paid to one vendor of a San Diego school district that now claims the supplier never actually provided the services, according to San Diego Union Tribune reports. It’s been nearly four years since the school district paid the bill for an after school program, with the district having now filed a lawsuit against the vendor in February. According to the lawsuit, the vendor agreed to provide a $150,000 check to settle the case, but the school district claims the check bounced.

$388,700 was lost in a BEC scam by Shark Tank host Barbara Corcoran, recent reports said, making her the second star of the television show to recall their experience with B2B payments fraud. She told reporters that her company received a fraudulent email chain posing as Corcoran’s assistant requesting payment for a real estate renovation to her company’s bookkeeper. Last month, fellow Shark Tank star Mark Cuban also noted that in his early days as an entrepreneur, he lost $82,000 in an accounts payable fraud scam from one of his own employees.

$144 million is the value of ransomware bitcoin payments over the last six years, new data from the FBI revealed, according to recent reports in TechRadar. The FBI shared the information at a recent security conference and warned that the figure does not include losses that individuals and businesses alike face in the aftermath of an attack. For corporate victims, that means investing in revamped security services, public relations services to preserve reputation, and other operational costs.

23,775 complaints of BEC were filed with the FBI last year, recent reports from The Wall Street Journal said, with experts warning that email scammers are growing ever-more sophisticated. Last year saw more than 3,000 more BEC scam complaints filed with the FBI compared to 2018 volumes, with estimated annual losses resulting in $1.7 billion in 2019. The FBI told the publication that as the BEC scam evolves, one of the more recent iterations involves a fraudster posing as a real employee and requesting the payroll department to change the bank account into which payroll funds are deposited.