Business email compromise or transfer fraud is a type of scam where fraudsters search for existing electronic invoices in compromised email accounts of company employees or accounts of an online collaboration platform, give them a different IBAN and resend them. In recent years, fraudsters have increasingly assumed the identity of suppliers, external business partners or subcontractors and sent invoices with modified IBANs to their customers, partners or subsidiaries.
Compromising an online data exchange platform often presents criminals with all the information they need on a silver platter. The stolen credentials also give the attackers access to all company documents. For example, they can even search for information in the calendar (meetings with suppliers or partners) to create a suitable cover story.
Companies that regularly transfer large sums of money to foreign invoice recipients are the main targets. Not only is the profit particularly lucrative in these cases, but the transfer to the criminals' account, which is typically foreign, is less conspicuous.
However, fraud attempts in which the attacker poses as a person from within the target company (CEO fraud) are still common, including simple attempts to slip through forged invoices or pretend in correspondence that the account number has changed.
Despite, or perhaps because of, its simplicity, BEC is a financially lucrative form of cyberfraud.
Effects and risks
- Loss of substantial amounts of money