FBI Warns of Upsurge in COVID-19 Related Business Email Compromise Scams

The Federal Bureau of Investigation gave a warning after an uprise in Business Email Compromise (BEC) attacks that are making the most of the chaos associated with the COVID-19 pandemic.

The term BEC refers to the attempt to trick persons in charge of carrying out legitimate fund transfers into a bank account controlled by the attacker. This is accomplished by impersonating a person within the organization that the victim generally has business with. A usual attack scenario involves sending an email to a person in the finance section requesting to change a bank account data for an upcoming payment.

A number of attacks that are related to COVID-19 were recently reported to the FBI’s Internet Crime Complaint Center (IC3). The targets were municipalities that are purchasing personal protective equipment (PPE) and other vital items used for fighting against COVID-19.

In the notification, the FBI presented two new cases of COVID-19 BEC scams. One involved a scammer who impersonated the CEO of a firm and requested that an appointed $1 million payment be advanced because of the Coronavirus outbreak and quarantine protocols and precautions. In the emails to workers at an unnamed financial organization, the scammer provided diverse bank account details for the payment. The scammer used an email address identical to the CEO’s email address apart from a single letter.

The number two example involves a scammer that poses as a client in China who requested the payment of all invoices to be sent to a different bank account because the current bank was going through Coronavirus audits. A number of wire transfers were routed to the new account before detecting the scam, bringing about substantial financial losses.

The COVID-19 pandemic provided BEC scammers a plausible basis for requesting immediate payments, bank account modifications, and changes to standard payment methods. People in charge of payroll and bank transfers ought to be on high alert because of dubious updates to bank account details or modifications to basic payment processes related to COVID-19.

There are a number of warning that people ought to consider to avert falling victim of a BEC scam. These consist of

  • inexplicable emergency in email messages
  • late modifications to bank account data or wire transfer directions
  • adjustments to established payment procedures and communications channels
  • requests to just converse via email or chat platforms, and requests for advance payments
  • Scammers furthermore impersonate workers and request modifications to direct deposit bank account.

In all instances, a request for an adjustment of payment ought to be confirmed by phone using the contact information on file. Don’t ever use the contact details given in the email. Email addresses must be tested to make certain they are similar to previously used email accounts and websites and URLs ought to be properly inspected for any transposed letters, misspellings of domain names, and foreign characters.

If you think you may have been a BEC scam victim, you ought to get in touch with your financial organization right away to recollect any transferred funds and your employer must report the breach to the FBI’s Internet Crime Complaint Center.

About Christine Garcia 1200 Articles
Christine Garcia is the staff writer on Calculated HIPAA. Christine has several years experience in writing about healthcare sector issues with a focus on the compliance and cybersecurity issues. Christine has developed in-depth knowledge of HIPAA regulations. You can contact Christine at [email protected]. You can follow Christine on Twitter at https://twitter.com/ChrisCalHIPAA