More than $55 billion was lost over the past decade to business email compromise (BEC) scams, according to the Federal Bureau of Investigation (FBI). This exceeds the economic output of Vermont or Wyoming.
BEC, also known as email account compromise, is a sophisticated scam targeting both businesses and individuals who perform legitimate fund transfers.
It is frequently carried out when bad actors manage to compromise legitimate business or personal email accounts through social engineering methods or device breach.
According to the latest advisory from the FBI, the BEC scam continues to target both small local businesses and larger companies, as well as personal transactions across the globe.
It warned that techniques threat actors use to access business and personal accounts were also evolving.
So much so that almost $5 billion was added in just over a year to the total losses recorded over the past decade. The lost amount now stands at more than $55 billion, according to the FBI.
This is more than the economic output of US states like Vermont or Wyoming, where the gross domestic product (GDP) was roughly $44 billion and $51 billion last year, according to data from the Bureau of Economic Analysis (BEA).
The numbers show that cybercrime, already the world’s third-largest economy after the US and China, continues to grow.
Race against time
According to the advisory, the BEC scam has been reported in all 50 states and 186 countries, with over 140 countries receiving fraudulent transfers.
Based on the reported financial data, international banks located in the UK and Hong Kong often acted as intermediary stops for funds, followed by China, Mexico, and the UAE.
More than 305,000 domestic and international incidents related to BEC scam were recorded in the period between October 2013 and December 2023.
“If you discover a fraudulent transfer, time is of the essence. Immediately contact your financial institution and request a recall of the funds along with any necessary indemnification documents,” the FBI said in the advisory.
Regardless of the amount lost, victims are urged to file a complaint with the Internet Crime Complaint Center, or IC3, as soon as possible.
“The FBI IC3 may be able to assist both the financial institutions and law enforcement in freezing funds,” the advisory read.
Companies and individuals should also be vigilant and take necessary precautions, including using multi-factor authentication and unique passwords, double-checking any hyperlinks and URLs, and refraining from supplying login credentials and personal information via email.
Your email address will not be published. Required fields are markedmarked