Business Email Compromise (BEC)
Business Email Compromise (BEC) is soaring and companies are been affected, BEC is an exploit in which the attacker gains access to a corporate email account and spoofs the owner's identity to defraud the company or its employees, customers or partners of funds. Typically attackers request funds to be transferred to an offshore location typically to Hong Kong.
Digitpol a global cyber crime investigation agency is providing assistance to affected firms by providing rapid response with investigation, legal and assistance with freezing funds wired to fraudsters accounts by liaison with local authorities to recover the stolen funds. Business Email Compromise (BEC) is a scam targeting companies who conduct regular wire transfers and have suppliers abroad, typically firms that have business with Asia or with offshore locations are at target. BEC attackers rely heavily on social engineering tactics to trick unsuspecting employees and executives. Hong Kong is a key target for transferring funds to Hong Kong and then onward to offshore jurisdictions or to mainland China.
Digitpol's Business Email Compromise Investigation Team are certified computer forensic investigators and fraud examiners and can assist to all cases related to Email Scams and Fraud.
Email fraud, scams, phishing attacks happens in most cases when cyber criminals find ways to hack into the email servers or accounts of small and medium companies, often targeting companies or investors conducting business with Asia countries. Cyber criminals gain access to email accounts and search through email accounts looking for sensitive information such as outstanding, unpaid invoices or data relating to financial transactions and business between supplier, vendor and clients. When cyber criminals identify a sale or a due invoice, the fraudsters then send various fictitious emails from the hacked email account or an email address replicated to the original posing to be in charge of the sale or due invoice to be paid, the fraudster is then asking for transfers of funds into a nominated bank account, usually giving an excuse that there is a problem at the bank and an alternative account needs to be used. It is common that the nominated account is in the same name as the company name or with a very slight change such as an extra letter. It is common the bank account to be in the same city as the victim or client.
Offshore Bank Accounts - A Target
Internet fraud is rampant and Hong Kong is a key target for the transfer of funds. Digitpol's Hong Kong branch provides operational and forensic support to firms that have fallen victim to BEC fraud, email fraud, invoice fraud and the stolen funds have been wired to bank accounts in Hong Kong. Digitpol provides assistance to foreign firms by acting on their behalf locally in Hong Kong. Digitpol's legal partner is an expert in the recovery of funds in Hong Kong and mainland China, jointly the combination of investigative support and legal services we offer International firms rapid response expertise to assist with the investigation, seizure and recovery of stolen funds.
If you have transferred funds to a bank account in error, the following is urgent.
- Report the incident as soon as possible to your local police in the country you reside in. Obtain the Police report or case number.
- Immediately alert your bank the transaction is fraudulent.
- Report the case to the Police in the location of the transferred bank account or engage Digitpol and its legal team to act for you by reporting the complaint to the Police and conducting an Investigation by liaising with the Police and the banks.
Hong Kong - To file a Police report in Hong Kong, this can only be done in person at the police station or by the E-Crime service. The Police will first need to be satisfied that a crime is actually committed, this is done by the examination of evidence and the evidence that a crime took place. If sufficient evidence is presented the Police will take immediate action.
In the majority of cases related to Internet Fraud, the evidence of a crime is digital evidence, Digitpol can assist with compiling a forensic report that details how the fraud took place and the examination of forensic evidence such as digital data, computer forensics and server logs. Digitpol will present your case to the Police and its legal partner can take civil action when required.
Are you affected by Business Email Compromise?
If a Business Email Compromise happens to you, you need to respond quickly. BEC fraud can lead to major disruption and financial disasters.
If you encounter or believe that you have been the victim of BEC fraud (i.e. phishing, fraudulent text messages etc.), the first step is to contact the police, if you need additional support, please send an email to firstname.lastname@example.org Be sure to attach any supporting documentation such as copies of suspicious emails, text messages and questionable links/URLs. If the report is filled in time there is a high possibility that the fraudster’s bank account can be seized and the funds frozen.
Contact Digitpol's hotlines or respond to us online. CONTACT
Digitpol is available 24/7.
Phone: Europe: +31558448040
Phone Hong Kong: +85239733884
What Happens When You Report a Case To Digitpol?
If you report a case to Digitpol we will examine the data that you have provided, if evidence exists and we are in position to assist you, we will start an investigation, the first step is the detail all the evidence into a report so that the fraud is clear.
The second step is a report to the Police, you can do this yourself and use our report or we can submit the report on your behalf, to do this we require a power of attorney, once the Police starts an investigation the entire matter is in the jurisdiction of the Police, during this period and in agreement, we may provide additional information or new evidence to the Police.
In the event you have transferred funds to a bank account, we will issue a notice of the fraud to the banks fraud department to hold the account until the Police takes contact.
What are Digitpol's costs to investigate my case?
Digitpol is a private agency therefore we charge for the time to conduct research. The costs is based on our hourly rate of 150EUR / 170USD per hour or an agreed set fee for the case. The first stage of the investigation is an interview, this is a fee of 22USD / 20EUR
How can I avoid the costs?
If you report the case to the Police there is no costs.
To report the case to Digitpol, is there a cost and what will it cover?
If you report a case to Digitpol using the form below, the cost is 22USD, this covers the time for our agents to read the file, look into the evidence you supplied, in some cases we may ask you for more evidence such as screenshots of the communications with the fraudsters or further evidence related to your case.
In the majority of cases the evidence contains a website or a company, we will start to check the website's meta data and the companies presence and its directors. If you have transferred funds to a bank and you have presented sufficient evidence of fraud, we will issue a notice to the bank. This fee covers the first stage of an investigation known as an "intake" or "interview", during this we may prepare to present the case to the Police.