According to a recent public service announcement, the FBI's Internet Crime Complaint Center ("IC3") states the business email compromise (BEC)/email account compromise (EAC) scam continues to grow. BEC is a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The EAC is a component of BEC targeting individuals that execute wire transfer payments. The scam is carried out when a subject compromises legitimate business email accounts through social engineering (ex. phishing) or computer intrusion techniques to make unauthorized transfers of funds. Victims of the BEC/EAC scam range from small businesses to large corporations. Between January 2015 and December 2016 there was a 2,370 percent increase in identified exposed losses. The scam has been reported in all 50 states and 131 countries. The domestic and international exposed dollar loss exceeds $5.3 billion. Exposed dollar loss includes actual and attempted loss in United States dollars.
The IC3 stated businesses with an increased awareness and understanding of this scam are more likely to avoid falling victim and sending fraudulent payments. Also, businesses with robust internal prevention techniques have been successful in recognizing and deflecting BEC/EAC attempts.
Suggestions for protection include:
Other steps UHY suggests are:
UHY Advisors can help assess your risk and develop the training and awareness programs you need to avoid falling victim to these scams. Contact your local UHY Advisors professional.