in

FBI efforts to disrupt business email compromise scams leads to 65 arrests

A major businesses email compromise (BEC) scheme which has cost victims millions of dollars has been disrupted in an international operation coordinated by the FBI. 

Over a period of three months which started in September 2021, ‘Operation Eagle Sweep’ resulted in the arrests of 65 people suspects. Arrests were made in the United States as well 12 in Nigeria, eight in South Africa, two in Canada, and one in Cambodia. 

The operation targeted scammers who were believed to be behind business email compromise attacks targeting over 500 victims in the United States which caused losses of at least $51 million. 

BEC attacks see cyber criminals use social engineering to trick an employee at a business into transferring a large sum of money to an account controlled by the scammers. 

Common techniques used in BEC attacks including sending emails designed to look like urgent requests for payments from your boss or a colleague.  

Cyber criminals have also been known to use phishing emails to hack into email accounts and monitor communications around real business deals and contracts, waiting until the deal is about to be completed before sending an email from the compromised user which asks for the real payment, but directs it into a bank account owned by the attackers. 

SEE: How to keep your bank details and finances more secure online

While many of these campaigns target businesses to make off with hundreds of thousands or millions of dollars at once, the FBI says that the same criminal groups which carry out BEC attacks also target individuals, including homebuyers and the elderly. Romance scams also follow a similar model. 

According to the Internet Crime Complaint Center (IC3), victims of BEC attacks reported total losses of nearly $2.4 billion in 2021. 

“The FBI works tirelessly with our domestic and international partners to disrupt and dismantle criminal enterprises, to stop the victimization of U.S. citizens and businesses, and to impose real consequences on cybercriminals using our unique authorities and enduring partnerships,” said Assistant Director Bryan Vorndran of the FBI’s Cyber Division.  

“Our message to criminals involved in these BEC schemes will remain clear: We will pursue you no matter where you may be located. The public we serve deserves nothing less,” he added. 

Law enforcement agencies around the world helped conduct investigations and arrests. Those working alongside the FBI and U.S. Postal Inspection Service include the Nigerian Economic and Financial Crimes Commission, South African Police Service, Toronto Police Service, Cambodian National Police, as well as law enforcement agencies in Australia and Japan. Microsoft Corporation’s Digital Crimes Unit also provided assistance. 

MORE ON CYBERSECURITY


Source: Information Technologies - zdnet.com

Google: Multiple hacking groups are using the war in Ukraine as a lure in phishing attempts

Meet BlackGuard: a new infostealer peddled on Russian hacker forums