FBI Shows You How to Spot a Business Email Compromise Scam, Cuffs 281 BEC Operators

The US Federal Bureau of Investigation (FBI) and federal partners have arrested 281 alleged cybercriminals across nine countries, dismantling one of the biggest international business email compromise (BEC) operations.

According to a news release posted on, Operation reWired was a months-long, multi-agency fight against “an insidious scam that tricks businesses and individuals into wiring money to criminals,” also known as business email compromise, or BEC.

A case that was part of Operation reWired illustrates how the BEC scheme works. From the news release:

“Beginning in 2015, two men working remotely from the United Kingdom and Nigeria sent emails to an executive at a Connecticut-based company appearing to be from the company’s CEO, who was also located overseas. The purported CEO was requesting a wire transfer of funds. The email looked legitimate, so the company’s controller sent multiple wire transfers totaling more than $500,000. But as it turns out, the CEO’s email account had been spoofed—and the money went straight into accounts managed by the criminals.”

Of the 281 arrests confirmed by the FBI, 74 were made in the United States alone. Arrests were also made in Nigeria, Turkey, Ghana, France, Italy, Japan, Kenya, Malaysia, and the United Kingdom, officials said.

Authorities seized nearly $3.7 million and disrupted and recovered approximately $118 million in fraudulent wire transfers.

The FBI’s Internet Crime Complaint Center (IC3) officially began tracking BEC (and its variant, email account compromise, or EAC) in 2013. Since then, it has gathered reports of more than $10 billion in losses from U.S. victims alone, with the worldwide tally exceeding $26 billion so far. According to the Bureau, “The effects of this crime are far-reaching, and the dollar amounts involved are staggering.”

As part of the announcement, the FBI offers a series of best practices to keep BEC operators at bay. Special Agent Jennifer Boyer, who worked the case out of the FBI’s New Haven Field Office, encourages everyone to pause and think before hitting the send button to wire money.

“Take a moment to consider that maybe it’s not your boss and pick up the phone and verify,” she said.

Other tips include:

  • Use two-factor authentication to verify any change to account information or wire instructions
  • Check the full email address on any message and be alert to hyperlinks that may contain misspellings of the actual domain name
  • Don’t supply login credentials or personal information in response to a text or email
  • Regularly monitor financial accounts
  • Keep all software and systems up to date

Investigators warn that BEC schemes don’t just target companies, but regular users as well, such as real estate purchasers or the elderly.

“The request will always appear to come from someone known to or trusted by the victim,” the FBI says.

People who suspect they have fallen victim to BEC are encouraged to contact local law enforcement and file a complaint online with the IC3 at

According to a report from AIG, one of the largest insurance companies in the world, Business Email Compromise (BEC) is now the top cause of loss for cyber claims.

*** This is a Security Bloggers Network syndicated blog from Business Insights In Virtualization and Cloud Security authored by Filip Truta. Read the original post at: