Losses from Business Email Compromise (BEC) fraud have grown every year since the FBI began tracking them in 2013. As payments accelerate and fraud tactics grow, financial institutions need fraud detection and prevention technology that evolves and protects them from the hidden liabilities of BEC. Find out how data driven technology can help protect your institution from fraud no matter how the financial criminals change their schemes.
Business Email Compromise (BEC) is defined by the FBI’s IC3 as “a sophisticated scam targeting businesses that perform electronic payments such as wire or ACH transfers.” In addition to diverting funds, BEC perpetrators may also target Personally Identifiable Information (PII) or W-2s, which can either be further exploited, resold, or both. This type of fraud can range from quick, one-time hits to sophisticated infiltration schemes that unfold over months or even years. And as the numbers below reveal, it is an extremely lucrative criminal pursuit.
Losses from Business Email Compromise schemes have grown every year since the FBI began tracking them in 20133. In 2019, this type of fraudster siphoned money from its corporate victims at the rate of nearly $203,000 per hour. Last year, the FBI named BEC the top financial threat (by reported losses) to American business organizations5. However, Financial institutions (FIs) have often taken a different, less urgent view.
The FBI has outlined five scenarios that are typically used to execute BEC scams.
- Payment change request: “Bogus Invoice” or “Supplier Swindle
- Executive wire transfers: “CEO Fraud” or “Masquerading”
- Contact compromise: to spoof a legitimate communication from existing supplier
- Executive or attorney Impersonation: to provide false urgency to a fraudulent transaction
- Data theft: request W-2s or PII data via compromised email from employee
Download the white paper to learn three steps that you can take to safeguard your institution.
