this article discusses the prevalence and evolving tactics of business Email Compromise (BEC) fraud, citing a report from the Association for Financial Professionals. It highlights that a meaningful percentage of organizations experienced BEC attacks last year.
The research also points out that perpetrators, frequently enough based in Nigeria or the UAE, are not always adept at concealing their identities, with many having easily discoverable social media profiles.Palo alto’s Unit 42 researchers corroborate this, noting that while some fraudsters try to hide, their identities can frequently enough be found on social media and messaging services.
The article emphasizes that BEC actors are becoming more organized. While it’s still possible to identify groups of perpetrators, their practice of using a single identifier (phone number, email, alias) for multiple malicious activities makes it more challenging for cybersecurity and law enforcement to attribute specific crimes. The researchers also found strong social media connections among actors, even across different geographical locations.A key advice from Palo Alto is to become familiar with the “financial fraud kill chain” (FFKC). This process is presented as the most effective way for BEC victims to recover funds.The FFKC is a partnership between federal law enforcement and financial institutions aimed at freezing fraudulent payments.
The article explains that timely complaints filed with ic3.gov (generally within 72 hours of a fraudulent transfer) are automatically triaged by the Financial Crimes Enforcement Network (FinCEN). The FBI’s IC3 annual report indicates a 66% success rate for the FFKC in 2024. To be considered viable, complaints must involve losses of at least $50,000 and include comprehensive information from the victim and their bank, along with a completed FFKC form detailing victim and recipient information, bank details, and other relevant data.
