The $3 Billion Email Scam

The FBI released a new public service announcement on Tuesday warning businesses about CEO email fraud.

More than $3 billion has been lost globally to CEO email fraud, otherwise known as BEC (business email compromise) or whaling attempts, according to the FBI.

BEC email scams compromise legitimate email addresses through social engineering, when cybercriminals often pose as legitimate business professionals within the targeted organization, a business partner or a vendor.

These aren’t obvious hacks, as the schemers often go to great lengths to research targeted companies, including researching employees and using language that is specific to the target in question. 

Since January 2015, there has been a 1300% increase in financial loss due to email scam, according to the announcement. Victims derive from all 50 U.S. states and over 100 countries.



The FBI warns that wire transfer payments are the most common source of financial loss, but that some victims report using checks as sources of payments, as well.

“Reports indicate that fraudulent transfers have been sent to 79 countries with the majority going to Asian banks located within China and Hong Kong,” says the FBI in its public service announcement.

The FBI’s announcement this week was an update to an April public service announcement that reported 2.3 billion had been lost due to BEC scams. Within two short months, 700 million additional dollars have been lost to email-based phishing attacks.

To protect companies from financial loss, and the wider repercussions of data theft, the Internet Crime Complaint Center (IC3) has noted common characteristics of BEC scams that email users should be on the alert for.

Businesses using open-source email accounts were predominantly targeted, and employees who manage wire transfers were top targets. The phrases “code to admin expenses” and “urgent wire transfer” are commonly reported by victims. Fraudulent emails often coincide with business travel dates for the executives who have been spoofed. 

Next story loading loading..