Business Email Compromise (BEC)
Business Email Compromise (BEC) is on the rise, and companies are increasingly falling victim to this sophisticated form of cybercrime. BEC occurs when attackers gain unauthorized access to a corporate email account and impersonate the account owner to deceive the company, its employees, customers, or partners into transferring funds. Typically, these attacks involve fraudulent requests for financial transfers to offshore or foreign accounts, causing significant financial losses. As BEC tactics continue to evolve, businesses must be vigilant and proactive in safeguarding their communication channels to prevent falling victim to such scams.
Digitpol, a global leader in cyber crime investigations, offers comprehensive support to businesses affected by Business Email Compromise (BEC). Our rapid response team provides in-depth investigation, legal guidance, and assistance in freezing funds that have been fraudulently transferred to the accounts of attackers. Through close coordination with local authorities, we work to recover stolen funds and mitigate further damage. BEC primarily targets companies that regularly engage in wire transfers, especially those with international suppliers, particularly in regions like Asia or other offshore locations. Attackers often exploit social engineering tactics to deceive employees and executives into authorizing fraudulent transactions.
Digitpol’s Business Email Compromise Investigation Team consists of certified computer forensic investigators and fraud examiners, equipped to handle all cases related to email scams and fraud. Our expertise ensures that businesses can recover lost assets and safeguard against future threats.
How BEC Fraud Works:
Business Email Compromise (BEC) fraud typically begins when cyber criminals hack into the email accounts or servers of small and medium sized companies, often those doing business with suppliers or investors in USA or Asia. Once the attackers gain access to a company's email account, they carefully sift through messages to find sensitive information, such as unpaid invoices or details related to financial transactions between the company, its suppliers, vendors, and clients. Upon identifying a transaction or outstanding payment, the fraudsters then craft and send fraudulent emails, either from the hacked account or from a look-alike email address, which mimics the original. These emails claim to be from an authorized party and ask for fund transfers to a new, fraudulent bank account, often providing a fabricated reason such as an issue with the bank that necessitates using an alternative account for the transaction. By exploiting this trust, cyber criminals successfully deceive businesses into transferring significant sums of money to offshore accounts.
How We Can Help
Digitpol's Cyber and Fraud Team consists of certified fraud and forensic examiners, ready to assist with all cases related to email fraud, spear phishing attacks, email scams, and other online fraud. Our experts are equipped to investigate hacking incidents, determine how the breach occurred, and provide detailed forensic reports on the findings. We ensure that attackers are no longer active within your network and that your user account policies and security protocols are properly configured to prevent further breaches.
In cases of Business Email Compromise (BEC), Digitpol’s BEC Investigation Team works closely with banks, law enforcement, and financial exchanges. We present forensic evidence directly to financial institutions to request the seizure or freezing of fraudulently transferred funds, helping to recover stolen assets. With our rapid response and thorough investigations, we ensure that businesses can quickly address and mitigate the impact of these sophisticated attacks.