FBI’s BEC Crackdown Leads To 74 Arrests Globally

The FBI announced Monday the results of a major crackdown on scammers behind business email compromise (BEC) campaigns that resulted in 74 arrests and the retrieval of millions of dollars.

Several U.S. federal authorities and police from other countries were involved in Operation WireWire, a six-month sweeping investigation that lead to arrests of suspected scammers in the U.S. and overseas. It said 42 arrested were located in the U.S., 29 in Nigeria and three in Canada, Mauritius, and Poland.

The operation also resulted in the seizure of nearly $2.4 million and the recovery of about $14 million in fraudulent wire transfers, said the FBI.

The crackdown “demonstrates the FBI’s commitment to disrupt and dismantle criminal enterprises that target American citizens and their businesses,” according to FBI Director Christopher Wray in a statement.

While the FBI did not specify which campaigns those arrested were involved with, it said that in a number of cases those charged were involved with international criminal organizations that defrauded small and large businesses. The FBI added, criminals also targeted individual victims who were conned into transferring large sums of money or sensitive records.

Local and state law enforcement partners from FBI task forces across the country have also charged 15 alleged money mules for their roles in defrauding victims, said the FBI. The money mules, authorities said, generally receive the stolen money and then transfer the funds as directed by the scam operators, keeping a fraction of the profit.

BEC scams often target employees with access to company finances and trick them—using tricky methods including social engineering—into making wire transfers to bank accounts purporting to be from trusted partners or clients, but instead controlled by the criminals themselves. The scams have targeted an array of victims, from Fortune 500 companies, to small businesses – all the way down to individual elderly victims.

Palo Alto Networks’ Unit 42 said in a report released in May about Nigerian cybercrime that they found Nigerian business email compromise (BEC) linked incidents have shot up 45 percent in 2017 compared to the year prior, representing 17,600 attacks per month.

“We have observed that these actors continue to demonstrate increased organization,” the Unit 42 researchers said in their report. “The social connections between these actors have become more robust and complex through leveraging social media platforms to promote their networking efforts.”

BEC scams have continued to crop up in 2018, with a new wave of campaigns targeting Fortune 500 companies that are designed to trick victims into fraudulent wire transfers discovered in February.

According to the FBI’s most recent Internet Crime Complaint Center report, released in May, BEC scams made up the majority of complaints in 2017, with 15,690 individuals affected and accounting for adjusted losses of more than $675 million. In 2017, the real estate sector was in particular heavily targeted, the FBI said.

Graphic credit: Palo Alto Networks’ Unit 42