Security Experts:

Connect with us

Hi, what are you looking for?



FBI Expects Increase in COVID-19-Themed BEC Scams

The Federal Bureau of Investigation is expecting an increase in the frequency of scams related to the current COVID-19 pandemic, including those involving business email compromise (BEC).

The Federal Bureau of Investigation is expecting an increase in the frequency of scams related to the current COVID-19 pandemic, including those involving business email compromise (BEC).

A type of fraud targeting those in charge of performing legitimate funds transfers for a company, BEC scams aim to trick unsuspecting victims into sending money to the attackers.

In BEC attacks, the victim typically receives an email apparently arriving from a company they normally conduct business with, requesting payments be made to a new account, or demanding a change in the standard payment operations.

According to the FBI, losses from BEC scams surpassed $1.7 billion in 2019, and are only expected to increase. More recently, there has been an increase in BEC attacks targeting municipalities purchasing personal protective equipment or other supplies for the ongoing coronavirus crisis.

One of the most recent examples of BEC fraud targeted a financial institution with an email allegedly arriving from the CEO of a company and related to a previously scheduled transfer of $1 million. The message requested the transfer date be moved up and to a new account, due to the COVID-19 situation.

In another incident, a bank customer received a message from an alleged client in China, requesting that all invoice payments be changed to a different bank, claiming that their regular accounts could not be accessed due to audits. Several transfers were made to the new bank before the fraud was discovered.

To stay protected from this type of fraud, organizations should look for specific red flags, including an unexplained urgency, last minute changes in wire details or in established communication platforms, refusal to communicate via telephone or online voice/video services, requests for advanced payment of services if previously such payment was not required, and requests to change direct deposit information.

According to the FBI, being skeptical of any last minute changes in wiring instructions and verifying all such changes via the contact on file could help avoid falling victim to fraud. To stay protected, users should also make sure that URLs in emails are associated with the business they claim to be from, should be wary of hyperlinks that may contain misspellings of the actual domain name, and should verify the email address used to send emails.

Immediately after discovering that they might have fallen victim to a fraudulent incident, users should contact their financial institution to request a recall of funds, and should also report the issue to the employer. Victims are advised to also file a complaint with the FBI’s Internet Crime Complaint Center as soon as possible.

Related: Nigerian Threat Actors Specializing in BEC Attacks Continue to Evolve

Related: BEC Losses Surpassed $1.7 Billion in 2019: FBI

Related: Two Dozen Arrested for Laundering Funds From BEC, Other Scams

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.


Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack


Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.


CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.


Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.