<!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <script nonce="4vympzdddu50avs0"> if (window.trustedTypes) { trustedTypes.createPolicy('default', { createHtml: s => { console.error(`TrustedHTML Violation: ${s}`); return null; }, createScript: s => { console.error(`TrustedScript Violation: ${s}`); return null; }, createScriptURL: s => { const prefix = ['https://www.gstatic.com/recaptcha/releases/', 'https://www.googletagmanager.com/gtag/js']; let u = undefined; try { u = new URL(s); u = `${u.protocol}//${u.host}${u.pathname}`; } catch { } if ((u && prefix.some(x => u.startsWith(x))) || 'https://www.google-analytics.com/analytics.js' === s) { return s; } else { console.error(`TrustedScriptURL Violation: ${s}`); return null; } } }); } </script> <link rel="stylesheet" href="/css/psa.css"> <!-- We participate in the US government's analytics program. See the data at analytics.usa.gov. --> <script async src="https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=DOJ" id="_fed_an_ua_tag" nonce="4vympzdddu50avs0"></script> <title>Internet Crime Complaint Center (IC3) | Business Email Compromise: The $50 Billion Scam</title> </head> <body> <a class="skip-link" href="#main">Skip to main</a> <div> <header> <picture> <source srcset="/img/IC3PressReleaseBanner3.webp" type="image/webp"> <img class="logo" src="/img/IC3PressReleaseBanner3.png" alt="FBI/IC3 Public Service Announcement"> </picture> </header> <div id="container"> <aside> <time class="published" datetime="2023-06-09T09:15:00.000-04:00">June 9, 2023</time> <div> <div> Alert Number </div> <div id="alert-number"> I-060923-PSA </div> <div> <p>Questions regarding this PSA should be directed to your local <span class="bold">FBI Field Office</span>.</p> <p> Local Field Office Locations: <a target="_blank" href="http://www.fbi.gov/contact-us/field-offices">www.fbi.gov/contact-us/field-offices</a> </p> </div> </div> </aside> <main> <h2>Business Email Compromise: The $50 Billion Scam</h2> <style nonce="4vympzdddu50avs0"> table { width: 90%; min-width: 350px; } th[scope="row"] { font-weight: normal; text-align:left; vertical-align: middle; } td { font-weight: bold; text-align: right; font-variant-numeric: tabular-nums; vertical-align: middle; } caption { caption-side: top; text-align: left; margin-bottom: 1rem; } main :is(table + table, picture + picture img, h3) { margin-top: 1em; } </style> <p>This Public Service Announcement is an update and companion piece to Business Email Compromise <a target="_blank" href="/PSA/2022/PSA220504">PSA I-050422-PSA</a> posted on <a href="https://www.ic3.gov/">www.ic3.gov</a>. This PSA includes new Internet Crime Complaint Center complaint information and updated statistics from October 2013 to December 2022.</p> <h3>Definition</h3> <p>Business Email Compromise/Email Account Compromise (BEC) is a sophisticated scam that targets both businesses and individuals who perform legitimate transfer-of-funds requests.</p> <p>The scam is frequently carried out when an individual compromises legitimate business or personal email accounts through social engineering or computer intrusion to conduct unauthorized transfers of funds.</p> <p>The scam is not always associated with a transfer-of-funds request. Often times BEC variations involve compromising legitimate business email accounts and requesting employees' Personally Identifiable Information,Wage and Tax Statement (W-2) forms, and <a href="/PSA/2021/PSA210413">crypto currency wallets</a>.</p> <h3>Statistical Data</h3> <p>The BEC scam has continued to evolve, targeting small local businesses to larger corporations, and personal transactions. Between December 2021 and December 2022, there was a 17% increase in identified global exposed losses. In 2022, the IC3 saw an increase in BEC reporting with a nexus to the real estate sector and BEC incidents where funds were transferred directly to a cryptocurrency exchange, or to a financial institution holding a custodial account for a cryptocurrency exchange. (See also: <a href="/PSA/2021/PSA210413">PSA I-041321-PSA</a>)</p> <p>The BEC scam has been reported in all 50 states and 177 countries, with over 140 countries receiving fraudulent transfers. Based on the financial data reported to the IC3 for 2022, banks located in Hong Kong and China were the primary international destinations of fraudulent funds. These were followed by the United Kingdom, which often acts as an intermediary stop for funds, Mexico, and Singapore.</p> <table> <caption>The following BEC statistics were reported to the FBI IC3, law enforcement and derived from filings with financial institutions between <span class="bold">October 2013 and December 2022:</span></caption> <tr><th scope="row">Domestic and international incidents:</th><td>277,918</td></tr> <tr><th scope="row">Domestic and international exposed dollar loss:</th><td>$50,871,249,501</td></tr> </table> <table> <caption>The following BEC statistics were reported in victim complaints to the IC3 between <span class="bold">October 2013 and December 2022:</span></caption> <tr><th scope="row">Total U.S. victims:</th><td>137,601</td></tr> <tr><th scope="row">Total U.S. exposed dollar loss:</th><td>$17,328,435,141</td></tr> <tr inert aria-hidden="true"><td colspan="2">&nbsp;</td></tr> <tr><th scope="row">Total non-U.S. victims:</th><td>5,892</td></tr> <tr><th scope="row">Total non-U.S. exposed dollar loss:</th><td>$1,454,028,296</td></tr> </table> <table> <caption>The following BEC statistics were reported by victims via the financial transaction component of the IC3 complaint form, which became available in June 2016. The following statistics were reported in victim complaints to the IC3 between <span class="bold">June 2016 and December 2022:</span></caption> <tr><th scope="row">Total U.S. financial recipients:</th><td>74,121</td></tr> <tr><th scope="row">Total U.S. financial recipient exposed dollar loss:</th><td>$13,034,596,130</td></tr> <tr inert aria-hidden="true"><td colspan="2">&nbsp;</td></tr> <tr><th scope="row">Total non-U.S. financial recipients:</th><td>21,122</td></tr> <tr><th scope="row">Total non-U.S. financial recipient exposed dollar loss:</th><td>$8,451,345,479</td></tr> </table> <h3>BEC Highlights: Real Estate Sector</h3> <p>In calendar year 2018, reporting to the IC3 for BEC with a nexus to the real estate sector was at an all-time high. Gradually, reporting to the IC3 decreased in the following years until another minor spike in 2021 and then again increasing in 2022.</p> <p>The BEC scam targets all participants in real estate transactions,to include buyers, seller, real estate attorneys, title companies, and agents. Once a BEC perpetrators gain access to a participant's email account involved in a real estate transaction, they are able to monitor the real estate proceeding and often time the fraudulent request for a change in payment type (frequently from check to wire transfer) or a change from one bank account to a different bank account under their control. The funds may also be transferred to a secondary fraudulent domestic or international account.</p> <p>Based on IC3 victim complaint data, BEC scams targeting the real estate sector are once again on the rise. From calendar years 2020 to 2022, there was a 27% increase in victim reports to the IC3 of BECs with a real estate nexus. In this same time frame, there was a 72% increase in victim loss of BECs with a real estate nexus. The increases in victim losses of BEC with a real estate nexus are notable with the increase in victim reporting and also may be contributed to the rise in real estate costs over the last several years.</p> <picture> <source srcset="/img/PSA/2023/230609.webp" type="image/webp"> <img src="/img/PSA/2023/230609.jpg" alt="BEC: Real Estate Nexus Victims - 2015: 194, 2016: 918, 2017: 2033, 2018: 2593, 2019: 2243, 2020: 1796, 2021: 2149, 2022: 2284"> </picture> <picture> <source srcset="/img/PSA/2023/230609-2.webp" type="image/webp"> <img src="/img/PSA/2023/230609-2.jpg" alt="BEC: Real Estate Nexus Victim Loss - 2015: $8.8 million, 2016: $75.6 million, 2017: $219.1 million, 2018: $242.9 million, 2019: $241.5 million, 2020: $258.4 million, 2021: $430.5 million, 2022: $446.1 million"> </picture> <h3>Suggestions for Protection</h3> <ul> <li>Use secondary channels or two-factor authentication to verify requests for changes in account information.</li> <li>Ensure the URL in emails is associated with the business/individual it claims to be from.</li> <li>Be alert to hyperlinks that may contain misspellings of the actual domain name.</li> <li>Refrain from supplying login credentials or PII of any sort via email. Be aware that many emails requesting your personal information may appear to be legitimate.</li> <li>Verify the email address used to send emails, especially when using a mobile or handheld device, by ensuring the sender's address appears to match who it is coming from.</li> <li>Ensure the settings in employees' computers are enabled to allow full email extensions to be viewed.</li> <li>Monitor your personal financial accounts on a regular basis for irregularities, such as missing deposits.</li> </ul> <p>If you discover a fraudulent transfer, time is of the essence. <strong>First</strong>, contact your financial institution and request a recall of the funds along with any necessary indemnification documents. Different financial institutions have varying policies; it is important to know what assistance your financial institution will provide when attempting to recover funds. Regardless of the amount lost, file a complaint with <a href="https://www.ic3.gov/">www.ic3.gov</a>, as soon as possible. The FBI IC3 will be able to assist both the financial institutions and law enforcement in possible recovery efforts.</p> </main> </div> </div> </body> </html>