Business Email Compromise Investigation (BEC)

Business Email Compromise (BEC) is soaring and companies are been affected, BEC is an exploit in which the attacker gains access to a corporate email account and spoofs the owner's identity to defraud the company or its employees, customers or partners of funds. Typically attackers request funds to be transferred to an offshore location typically to Hong Kong.

Digitpol a global cyber crime investigation agency is providing assistance to affected firms by providing rapid response with investigation, legal and assistance with freezing funds wired to fraudsters accounts by liaison with local authorities to recover the stolen funds. Business Email Compromise (BEC) is a scam targeting companies who conduct regular wire transfers and have suppliers abroad, typically firms that have business with Asia or with offshore locations are at target. BEC attackers rely heavily on social engineering tactics to trick unsuspecting employees and executives. Hong Kong is a key target for transferring funds to Hong Kong and then onward to offshore jurisdictions or to mainland China.

Digitpol's Business Email Compromise Investigation Team are certified computer forensic investigators and fraud examiners and can assist to all cases related to Email Scams and Fraud.

How BEC Fraud Works:

Cyber criminals find ways to hack into the email servers or accounts of small and medium companies, often targeting companies or investors conducting business with Asia countries. Cyber criminals gain access to email accounts and  search through email accounts looking for sensitive information such as outstanding, unpaid invoices or data relating to financial transactions and business between supplier, vendor and clients. When cyber criminals identify a sale or a due invoice, the fraudsters then send various fictitious emails from the hacked email account or an email address replicated to the original posing to be in charge of the sale or due invoice to be paid, the fraudster is then asking for transfers of funds into a nominated bank account, usually giving an excuse that there is a problem at the bank and an alternative account needs to be used.

What Victims Need To

If you have transferred funds to a bank account in error, the following is urgent.

  1. Report the incident as soon as possible to your local police in the country you reside in. Obtain the Police report or case number.
  2. Immediately alert your bank the transaction is fraudulent.
  3. Report the case to the Police in the location of the transferred bank account or engage Digitpol and its legal team to act for you by reporting the complaint to the Police and conducting an Investigation by liaising with the Police and the banks.
  4. If you have not transferred funds or have not been requested to transfer funds, alerts your payments department to put all payments on hold pending approval and start the incident response protocol.

How We Can Help

Digitpol's Cyber and Fraud Team are certified fraud and forensic examiners and can deploy to assist with all cases related to email fraud, email spear phishing attacks, email scams and on-line related fraud. Digitpol can deploy forensic examiners to investigate hacking, determine how it took place and report the findings, Digitpol ensures that hackers are not active in your network and ensure your user accounts policies and rules are configured correctly to prevent further attacks.

Digitpol's Business Email Compromise Investigation Team liaise with banks, police and exchanges, we present forensic evidence directly to banks requesting seizure or to hold and transferred funds.

Request Assistance