Latest BEC Victims: Nikkei, City of Ocala
Japanese Media Giant and Florida City Hit by Separate Business Email Compromises
Business email compromise scams continue to proliferate. Last week, Japanese media company Nikkei revealed an employee made a $29 million fraudulent transfer as a result of such a scam. And in a separate scam, the city of Ocala, Florida, suffered losses of over $740,000.
Business email compromise scams, also known as CEO fraud, have become big money-makers for fraudsters. Generally, the scheme starts with attackers stealing the email credentials of a top executive through phishing or other methods. Fraudsters then impersonate that executive and send messages to lower-level employees to transfer money, make payments or wire money to bank accounts. In other cases, the attackers spoof a company's business partner.
In September, the FBI's Internet Crime Complaint Center noted that global losses and attempted thefts from BEC scams increased by 100 percent over a 14-month period. A July report from the U.S. Treasury Department found that the scams are costing U.S. companies a total of more than $300 million a month (see: BEC Scams Cost U.S. Companies $300 Million Per Month: Study).
Two Recent Incidents
Last week, Nikkei revealed that an employee at a U.S. subsidiary mistakenly transferred $29 million in September when responding to instructions from a malicious third party who pretended to be a management executive.
"Currently, we are taking immediate measures to preserve and recover the funds that have been transferred, and taking measures to fully cooperate with the investigations," the company said in a statement. The media giant says it has filed a damage report with authorities in the U.S. and Hong Kong.
In a separate incident, the city of Ocala in central Florida reported losses of $742,376 after it fell victim to a spear-phishing scam.
In September, a senior accounting specialist for the city received an email purporting to be from the office of Ausley Construction, a city contractor, that included a city form requesting a change in Ausley's banking information, according to a report by the local newspaper Ocala Star Banner. The form provided a routing and account number for a Fifth Third Bank account and a copy of a voided check from the account, the newspaper reports, and the employee changed the account information. Ausley Construction had been hired by the city for the construction of a new terminal at the Ocala International Airport.
On Oct. 17, Ausley Construction submitted a legitimate invoice, and when the city paid it on Oct. 18, it went to the fraudulent bank account, the newspaper reports. On Oct. 22, city officials discovered the fraud after Ausley informed them they did not receive the payment.
It's not clear how the scammers gained access to the vendor numbers and other information necessary to perpetrate the scheme, Emory Robert, the city's director of finance, told the Ocala Star Banner.
Ocala officials have filed a claim with the city's insurance provider and are reviewing their internal policies to avoid falling victim to a repeat scam, according to the news report.
In recent months, law enforcement authorities worldwide have made a series of BEC-related arrests.
Last month, the Spanish authorities arrested three individuals on charges of running a large-scale business email compromise scheme that targeted a dozen companies around the world to steal about $11 million (see: Three Charged in $11 Million BEC Scam).
In September, a global law enforcement effort called Operation reWIRED resulted in the arrests of 281 suspects for business email compromise scams (see: Business Email Compromise Crackdown: 281 Suspects Busted).
And in August, the U.S. Department of Justice indicted 80 suspects for allegedly running a global BEC scam (see: 80 Indicted for Scams, Including Business Email Compromises).