twiw-horizontal-trans-150h
Is there a story you think we should be covering? Have a tip on something we should look at?
Contact Us

A Scam Targeting over $43 Billion Sharply Increased in 2021

By Tom Marino | May 10, 2022
Last Updated: May 10, 2022

A scam that has exposed over $43 billion worldwide from 2016 to 2021 and nearly $15 billion in over 116,000 occurrences since 2013 in the U.S. is on the rise, according to the Federal Bureau of Investigation (FBI).

The Business Email Compromise/ Email Account Compromise (BEC/EAC) scam targets both businesses and personal email accounts and is often associated with legitimate transfer-of-funds requests. Other variations include compromising business email accounts and requesting employees’ personal information, wage and tax statements or even cryptocurrency wallets.

Between July 2019 and December 2021, there was a 65 percent increase globally in the funds targeted by scammers using this scam.

The scam has been reported in all 50 states, 177 countries, with over 140 countries receiving fraudulent transfers. The top five locations for receiving banks are Thailand, Hong Kong, China, Mexico and Singapore.

There have also been an increase of the scam where a direct transfer to a cryptocurrency exchange was used where the victim was unaware funds were being sent for conversion. The losses reported using cryptocurrency increased by nearly 400 percent in 2021.

How to Protect Yourself

The FBI offers the following suggestions for protection against the BEC/EAC scam:

  • Use secondary channels or two-factor authentication to verify requests for changes in account information.
  • Ensure the URL in emails is associated with the business/individual it claims to be from.
  • Be alert to hyperlinks that may contain misspellings of the actual domain name.
  • Refrain from supplying login credentials or PII of any sort via email. Be aware that many emails requesting your personal information may appear to be legitimate.
  • Verify the email address used to send emails, especially when using a mobile or handheld device, by ensuring the sender’s address appears to match who it is coming from.
  • Ensure the settings in employees’ computers are enabled to allow full email extensions to be viewed.
  • Monitor your personal financial accounts regularly for irregularities, such as missing deposits.

Follow us on The016.com, the social network for Worcester and you!