INTERPOL has launched the global campaign "Business E-mail Compromise (BEC)"
Through the global "BEC" campaign, INTERPOL warns about the possibility of fraud conducted through electronic mail. For this purpose, the criminals hack the e-mail accounts of foreign companies, monitor the correspondence of the employees of the targeted company and imitate the real correspondence it carries on with its business partner company, using a similar e-mail address. This activity aims to divert the transfer of money to a bank account different from that of the legitimate beneficiary, a bank account controlled by the members of the criminal group.
The fraud targets companies that work with foreign suppliers or customers (foreign trade activities) and regularly make payments by bank transfer.
Strategies for protection against BEC:
- Avoid using web-based e-mail accounts (Yahoo, Hotmail, Gmail, etc.) for business activity. It is advisable to use e-mail accounts on your own domain.
- Be suspicious of messages that demand secrecy or urgent action, or payments to uncertain or unverified recipients.
- Consider establishing minimum IT audit and security procedures for payments, so that a verification process of at least two steps is in place.
- Establish an alternative communication channel, such as the telephone, with the foreign supplier or customer to validate any change to the usual commercial procedures, so that a hacker who has compromised the e-mail exchange cannot intercept every communication.
- Use digital signatures or encryption for messages sent between the parties involved in the commercial activity.
- Report spam messages, which may contain malware, without opening them.
- Do not use the "Reply" function to answer correspondence. Use the "Forward" function and type the recipient's e-mail address manually, or select it from the address list.
- Be prudent about sudden changes to previously established commercial procedures, especially of e-mail or bank accounts, the currencies in which payments are made, and the country where the accounts are opened.
- Check by phone with the supplier or customer, using a previously known and verified telephone number, whether the changes requested by e-mail are genuine.
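The two checks above that a mail gateway or finance mailbox can automate are the ones the campaign describes: a sender domain that merely resembles a verified partner's domain, and a request to change payment details, which must be confirmed by phone. The following script is an added example written for this page, not INTERPOL's tooling; the partner domains, message headers and keyword list are constructed for illustration.

```python
from email.utils import parseaddr
from typing import Dict, List, Optional, Set

# Constructed: partner domains that the finance team has verified out of band.
TRUSTED_DOMAINS: Set[str] = {"acme-supplies.example", "globex-trading.example"}

# Constructed: phrases that signal a change of payment details and so require
# a phone call to a previously known number before any transfer is made.
PAYMENT_CHANGE_PHRASES = (
    "new bank account", "changed our bank", "new account details", "updated banking",
)


def domain_of(header_value: str) -> str:
    """Return the lower-cased domain of an RFC 5322 address header ('' if none)."""
    _display, addr = parseaddr(header_value)
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; a small value between two domains suggests a lookalike."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_of(domain: str, trusted: Set[str], max_distance: int = 2) -> Optional[str]:
    """Return the trusted domain that `domain` closely resembles, or None.

    An exact match is not a lookalike; a domain within `max_distance` edits of a
    trusted one (e.g. a digit 1 in place of the letter l) is.
    """
    if not domain or domain in trusted:
        return None
    for candidate in trusted:
        if edit_distance(domain, candidate) <= max_distance:
            return candidate
    return None


def check_message(msg: Dict[str, str], trusted: Set[str] = TRUSTED_DOMAINS) -> List[str]:
    """Return findings for one message given as a dict of header names to values plus 'Body'."""
    findings: List[str] = []
    from_domain = domain_of(msg.get("From", ""))
    reply_domain = domain_of(msg["Reply-To"]) if msg.get("Reply-To") else from_domain

    near = lookalike_of(from_domain, trusted)
    if near:
        findings.append(f"From domain {from_domain!r} resembles trusted domain {near!r}")

    # A Reply-To pointing elsewhere than the From domain routes the answer away
    # from the apparent sender; this is why the page advises Forward over Reply.
    if reply_domain != from_domain:
        findings.append(f"Reply-To domain {reply_domain!r} differs from From domain {from_domain!r}")

    body = msg.get("Body", "").lower()
    for phrase in PAYMENT_CHANGE_PHRASES:
        if phrase in body:
            findings.append(f"Body mentions a change of payment details ({phrase!r}); verify by phone")
            break
    return findings


# Constructed sample messages: a legitimate invoice, a lookalike-domain payment
# change, and a genuine-looking sender whose replies would go to a free webmail box.
SAMPLE_MESSAGES = [
    {"From": "Dana <dana@acme-supplies.example>", "Subject": "Invoice 1042",
     "Body": "Please find attached invoice 1042."},
    {"From": "Dana <dana@acme-supp1ies.example>", "Subject": "Invoice 1042 - urgent",
     "Body": "We have changed our bank account; please wire to the new account details below."},
    {"From": "Dana <dana@acme-supplies.example>", "Reply-To": "dana.acme@webmail-free.example",
     "Subject": "Re: payment", "Body": "Reply with confirmation."},
]


def scan(messages: List[Dict[str, str]]) -> Dict[int, List[str]]:
    """Run check_message over a batch; only messages with findings are returned."""
    return {i: f for i, m in enumerate(messages) if (f := check_message(m))}


if __name__ == "__main__":
    for index, findings in scan(SAMPLE_MESSAGES).items():
        print(f"message {index}: {SAMPLE_MESSAGES[index]['Subject']}")
        for finding in findings:
            print("  -", finding)
```

A finding here is a prompt for the out-of-band verification the campaign recommends, not a verdict: the lookalike threshold of two edits will also catch legitimate sibling domains, so the list of trusted domains must be maintained from verified sources rather than from incoming mail.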
The fraud has three main components:
- the social engineering component, which involves collecting online historical data about the targeted companies (registered office, managers, bank accounts, e-mail addresses, client portfolio, and any documents accessible online that present identifying elements of the company and can be used to create an appearance of legitimacy);
- the compromise of the e-mail account (Email Account Compromise);
- the opening, in the name of the supplier or of the foreign customer, of a bank account using fake documents.
More details about the campaign may be found here.