Email hacked (Business email compromise)
BEC is a scam targeting businesses working with foreign suppliers and/or businesses regularly performing wire transfer payments. These sophisticated scams are carried out by fraudsters compromising email accounts through social engineering or computer intrusion techniques and asking for fraudulent wire account transfers. Learn More About Business Email Compromise? (BEC)
The more national reporting data that’s collected, the better the chance law enforcement has to catch the criminals and decrease online crime. Reporting a fraudulent incident will also assure that you have accurate documentation in order to aid in your recovery. Please consider reporting your incident or chat with an online support specialist at the FTC Complaint Assistant. The FTC will create a report number and a copy of the report for your records.
The more national reporting data that’s collected, the better the chance law enforcement has to catch the criminals and decrease online crime. Reporting a fraudulent incident will also assure that you have accurate documentation in order to aid in your recovery. Please consider reporting your incident to the FBI Internet Crime Complaint Center (IC3).
Once processed, complaints filed via their website may be referred to federal, state, local, or international law enforcement or regulatory agencies for possible investigation. Any investigation opened on any complaint is initiated at the discretion of the law enforcement and/or regulatory agency receiving the complaint information. Reporting the incident at IC3 will not result in a call back for assistance.
The following resources have been gathered and vetted in order to better serve you. These resources have been chosen to help simplify the process of recovery after a cyber incident has taken place. With these resources you may need to contact organizations outside Fraudsupport.org. Results will vary depending on your circumstances.
If your business has been impacted by Business Email Compromise follow these steps from the FBI Public Service Announcement.
WHAT TO DO IF YOU ARE A VICTIM
If funds are transferred to a fraudulent account, it is important to act quickly:
- Contact your financial institution immediately upon discovering the fraudulent transfer.
- Request that your financial institution contact the corresponding financial institution where the fraudulent transfer was sent.
- Contact your local Federal Bureau of Investigation (FBI) office if the wire is recent. The FBI, working with the United States Department of Treasury Financial Crimes Enforcement Network, might be able to help return or freeze the funds.
- File a complaint, regardless of dollar loss, with bec.ic3.gov.
When contacting law enforcement or filing a complaint with IC3, it is important to identify your incident as “BEC/EAC”; also consider providing the following information:
- Originating business name
- Originating financial institution name and address
- Originating account number
- Beneficiary name
- Beneficiary financial institution name and address
- Beneficiary account number
- Correspondent bank if known or applicable
- Dates and amounts transferred
- IP and/or email address of fraudulent email
Detailed descriptions of BEC/EAC incidents should include but not be limited to the following when contacting law enforcement:
- Date and time of incidents
- Incorrectly formatted invoices or letterheads
- Requests for secrecy or immediate action
- Unusual timing, requests, or wording of the fraudulent phone calls or emails
- Phone numbers of the fraudulent phone calls
- Description of any phone contact, including frequency and timing of calls
- Foreign accents of the callers
- Poorly worded or grammatically incorrect emails
- Reports of any previous email phishing activity
Once the proper organizations have been notified and you are on the road to recovery, it is time to reinforce your cybersecurity. Let’s take action and strengthen your cybersecurity with the following resources and tools.