Beware of the B.E.C. scam, says a report at fbi.gov. The hackers target businesses and are good at getting what they want.
The hackers first learn the name of a company's CEO or other key figure such as the company's lawyer or a vendor. They then figure out a way to make an e-mail, coming from them, appear to come from this CEO, and send it to employees.
The recipients aren't just randomly selected, either. The hackers do their homework to find out which employees handle money. They even learn the company's particular language, says the fbi.gov article. The company may be a big business, small enterprise and even a non-profit organization.
Once they get it all down, they then request a wire transfer of money. This does not raise red flags in particular if the company normally sends out wire transfer payments.
This CEO impersonation scam is quite pervasive, stinging every state in the U.S. and occurring in at least 79 other nations. The fbi.gov article cites the following findings:
Companies or enterprises that are the victim of this scam should immediately contact their bank, and also request that the bank contact the financial institution where the stolen funds were transferred to.
Next, the victim should file a complaint with the IC3.
How can businesses protect themselves from these scam e-mails?