SCARS Institute’s Encyclopedia of Scams™ Published Continuously for 25 Years
Business Email Compromise: The $43 Billion Scam
This Public Service Announcement is an update and companion piece to Business Email Compromise PSA I-091019-PSA posted on www.ic3.gov. This PSA includes new Internet Crime Complaint Center complaint information and updated statistics from October 2013 to December 2021.
DEFINITION
Business Email Compromise/Email Account Compromise (BEC/EAC) is a sophisticated scam that targets both businesses and individuals who perform legitimate transfer-of-funds requests.
The scam is frequently carried out when an individual compromises legitimate business or personal email accounts through social engineering or computer intrusion to conduct unauthorized transfers of funds.
The scam is not always associated with a transfer-of-funds request. One variation involves compromising legitimate business email accounts and requesting employees’ Personally Identifiable Information, Wage and Tax Statement (W-2) forms, or even crypto currency wallets.
STATISTICAL DATA
The BEC/EAC scam continues to grow and evolve, targeting small local businesses to larger corporations, and personal transactions. Between July 2019 and December 2021, there was a 65% increase in identified global exposed losses, meaning the dollar loss that includes both actual and attempted loss in United States dollars. This increase can be partly attributed to the restrictions placed on normal business practices during the COVID-19 pandemic, which caused more workplaces and individuals to conduct routine business virtually.
The BEC scam has been reported in all 50 states and 177 countries, with over 140 countries receiving fraudulent transfers. Based on the financial data reported to the IC3 for 2021, banks located in Thailand and Hong Kong were the primary international destinations of fraudulent funds. China, which ranked in the top two destinations in previous years, ranked third in 2021 followed by Mexico and Singapore.
The following BEC/EAC statistics were reported to the FBI IC3, law enforcement and derived from filings with financial institutions between June 2016 and December 2021:
| Domestic and international incidents: | 241,206 |
| Domestic and international exposed dollar loss: | $43,312,749,946 |
| The following BEC/EAC statistics were reported in victim complaints to the IC3 between October 2013 and December 2021: | |
| Total U.S. victims: | 116,401 |
| Total U.S. exposed dollar loss: | $14,762,978,290 |
| Total non-U.S. victims: | 5,260 |
| Total non-U.S. exposed dollar loss: | $1,277,131,099 |
| The following statistics were reported in victim complaints to the IC3 between June 2016 and December 2021: | |
| Total U.S. financial recipients: | 59,324 |
| Total U.S. financial recipient exposed dollar loss: | $9,153,274,323 |
| Total non-U.S. financial recipients: | 19,731 |
| Total non-U.S. financial recipient exposed dollar loss: | $7,859,268,158 |
BEC AND CRYPTOCURRENCY
The IC3 has received an increased number of BEC complaints involving the use of cryptocurrency. Cryptocurrency is a form of virtual asset that uses cryptography (the use of coded messages to secure communications) to secure financial transactions and is popular among illicit actors due to the high degree of anonymity associated with it and the speed at which transactions occur.
The IC3 tracked two iterations of the BEC scam where cryptocurrency was utilized by criminals. A direct transfer to a cryptocurrency exchange (CE) or a “second hop” transfer to a CE. In both situations, the victim is unaware that the funds are being sent to be converted to cryptocurrency.
DIRECT TRANSFER – Mirrors the traditional pattern of BEC incidents in the past.
IC3 Image 1
SECOND HOP TRANSFER – Uses victims of other cyber-enabled scams such as Extortion, Tech Support, and Romance Scams. Often, these individuals provided copies of identifying documents such as driver’s licenses, passports, etc., that are used to open cryptocurrency wallets in their names.
IC3 Image 2
400% Growth In Just ONE YEAR
In the past, the use of cryptocurrency was regularly reported in other crime types seen at the IC3 (e.g., tech support, ransomware, employment), however, it was not identified in BEC-specific crimes until 2018. By 2019, reports had increased, culminating in the highest numbers to-date in 2021 with just over $40M in exposed losses. Based on the increasing data received, the IC3 expects this trend to continue growing in the coming years.
BEC Fraud Chart 1
SUGGESTIONS FOR PROTECTION
- Use secondary channels or two-factor authentication to verify requests for changes in account information.
- Ensure the URL in emails is associated with the business/individual it claims to be from – be careful with spoofing.
- Be alert to hyperlinks that may contain misspellings of the actual domain name.
- Refrain from supplying log-in credentials or PII of any sort via email. Be aware that many emails requesting your personal information may appear to be legitimate.
- Verify the email address used to send emails, especially when using a mobile or handheld device, by ensuring the sender’s address appears to match who it is coming from.
- Ensure the settings in employees’ computers are enabled to allow full email extensions to be viewed.
- Monitor your personal financial accounts on a regular basis for irregularities, such as missing deposits.
SPECIAL BEC SCAM REPORTING
If you discover you are the victim of a fraud incident, immediately contact your financial institution to request a recall of funds. Regardless of the amount lost, file a complaint with www.ic3.gov or, for BEC/EAC victims, BEC.ic3.gov, as soon as possible.
Additionally, we recommend that you also REPORT to the FTC at https://reportfraud.ftc.gov/#/?orgcode=SCARS
-/ 30 /-
What do you think about this?
Please share your thoughts in a comment below!
Article Rating
Table of Contents
- BEC Fraud Reaches $43 Billion Per Year
- Business Email Compromise Scams Explode!
- Business Email Compromise: The $43 Billion Scam
- DEFINITION
- STATISTICAL DATA
- BEC AND CRYPTOCURRENCY
- 400% Growth In Just ONE YEAR
- SUGGESTIONS FOR PROTECTION
- SPECIAL BEC SCAM REPORTING
- Scam Victim Self-Help Do-It-Yourself Recovery Books
- SCARS Printed Books For Every Scam Survivor From SCARS Publishing
MOST POPULAR COMMENTED ARTICLES
POPULAR ARTICLES
Rapid Report Scammers
In the U.S. & Canada
U.S. & Canada Suicide Lifeline 988
RATE THIS ARTICLE?
LEAVE A COMMENT?
Recent Comments
On Other Articles
on Common Tactics & Types Of Relationship Scams: “Having this information now is critical for preventing being scammed again and again. Understanding that the landscape is constantly changing,…” Apr 25, 18:39
on Recognizing Fake U.S. Military Identification Cards – Infographic: “It is a crime to copy or photograph a Military ID. Just by them sending it to you means it…” Apr 25, 00:51
on Recognizing Fake U.S. Military Identification Cards – Infographic: “How can u tell if it’s a real military id” Apr 24, 23:54
on Retrospective Framing – A Cognitive Bias That Changes The Past – 2023: “Thank you for this great article. I have experienced a small portion of retrospective framing in the last days of…” Apr 23, 16:18
Important Information for New Scam Victims
- Please visit www.ScamVictimsSupport.org – a SCARS Website for New Scam Victims & Sextortion Victims
- Enroll in FREE SCARS Scam Survivor’s School now at www.SCARSeducation.org
- Please visit www.ScamPsychology.org – to more fully understand the psychological concepts involved in scams and scam victim recovery
If you are looking for local trauma counselors please visit counseling.AgainstScams.org or join SCARS for our counseling/therapy benefit: membership.AgainstScams.org
If you need to speak with someone now, you can dial 988 or find phone numbers for crisis hotlines all around the world here: www.opencounseling.com/suicide-hotlines
A Note About Labeling!
We often use the term ‘scam victim’ in our articles, but this is a convenience to help those searching for information in search engines like Google. It is just a convenience and has no deeper meaning. If you have come through such an experience, YOU are a Survivor! It was not your fault. You are not alone! Axios!
A Question of Trust
At the SCARS Institute, we invite you to do your own research on the topics we speak about and publish, Our team investigates the subject being discussed, especially when it comes to understanding the scam victims-survivors experience. You can do Google searches but in many cases, you will have to wade through scientific papers and studies. However, remember that biases and perspectives matter and influence the outcome. Regardless, we encourage you to explore these topics as thoroughly as you can for your own awareness.
Statement About Victim Blaming
Some of our articles discuss various aspects of victims. This is both about better understanding victims (the science of victimology) and their behaviors and psychology. This helps us to educate victims/survivors about why these crimes happened and to not blame themselves, better develop recovery programs, and to help victims avoid scams in the future. At times this may sound like blaming the victim, but it does not blame scam victims, we are simply explaining the hows and whys of the experience victims have.
These articles, about the Psychology of Scams or Victim Psychology – meaning that all humans have psychological or cognitive characteristics in common that can either be exploited or work against us – help us all to understand the unique challenges victims face before, during, and after scams, fraud, or cybercrimes. These sometimes talk about some of the vulnerabilities the scammers exploit. Victims rarely have control of them or are even aware of them, until something like a scam happens and then they can learn how their mind works and how to overcome these mechanisms.
Articles like these help victims and others understand these processes and how to help prevent them from being exploited again or to help them recover more easily by understanding their post-scam behaviors. Learn more about the Psychology of Scams at www.ScamPsychology.org
Psychology Disclaimer:
All articles about psychology and the human brain on this website are for information & education only
The information provided in this article is intended for educational and self-help purposes only and should not be construed as a substitute for professional therapy or counseling.
While any self-help techniques outlined herein may be beneficial for scam victims seeking to recover from their experience and move towards recovery, it is important to consult with a qualified mental health professional before initiating any course of action. Each individual’s experience and needs are unique, and what works for one person may not be suitable for another.
Additionally, any approach may not be appropriate for individuals with certain pre-existing mental health conditions or trauma histories. It is advisable to seek guidance from a licensed therapist or counselor who can provide personalized support, guidance, and treatment tailored to your specific needs.
If you are experiencing significant distress or emotional difficulties related to a scam or other traumatic event, please consult your doctor or mental health provider for appropriate care and support.
Also read our SCARS Institute Statement about Professional Care for Scam Victims – click here to go to our ScamsNOW.com website.
Thank you for your comment. You may receive an email to follow up. We never share your data with marketers.