Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

US Authorities Attempting to Recover $5.3 Million Stolen in BEC Scam 

The US government is trying to recover more than $5.3 million stolen by cybercriminals through a BEC scheme from a workers union.

The US government announced on Wednesday that it has filed a civil forfeiture action in an attempt to recover more than $5.3 million lost by a Massachusetts workers union in a business email compromise (BEC) scam. 

The unnamed union, located in Dorchester, lost the money in January 2023, when cybercriminals sent it an email that appeared to come from a trusted investment consulting firm. 

The scammers used a spoofed email address to trick the workers union into believing that the investment consulting firm was requesting the transfer of $6.4 million to a different bank account than the one they previously specified.

The workers union’s employees complied with the fraudsters’ request and wired the money to their account. The fraudsters then transferred the funds through a series of intermediary bank accounts.

While some of the money was sent to cryptocurrency exchanges and bank accounts in Hong Kong, China, Singapore and Nigeria, roughly $5.3 million was traced to bank accounts at JPMorgan Chase and Texas Bank and Trust. 

These accounts, six at JPMorgan Chase and one at Texas Bank and Trust, have been seized by authorities, who are now seeking the forfeiture of the illegally obtained funds. 

A complaint made public by the US Justice Department shows that money mules made several rapid transfers between some of these accounts and dispersed funds to multiple accounts in what investigators say was an effort to conceal the source of the money.

“BEC fraud schemes present a serious threat to businesses and individuals nationwide, causing significant financial and emotional harm to victims by exploiting trusted communication channels they rely upon every day,” said Acting US Attorney Joshua S. Levy. “Today’s civil forfeiture action demonstrates that when victims report such misconduct to the authorities there may be steps we can take to recover stolen funds.”

Advertisement. Scroll to continue reading.

Cybercrime losses reached a record $12.5 billion in 2023, $2.9 billion of which was attributed to BEC schemes. 

Related: Microsoft: BEC Scammers Use Residential IPs to Evade Detection

Related: Nigerian BEC Scammer Pleads Guilty in US Court

Related: Cybercriminals Spoof US Government Organizations in BEC, Phishing Attacks

Related: Nigerian Arrested, Charged in $7.5 Million BEC Scheme Targeting US Charities

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.

Register

People on the Move

Retired U.S. Army General and former NSA Director Paul M. Nakasone has joined the Board of Directors at OpenAI.

Jill Passalacqua has been appointed Chief Legal Officer at autonomous security solutions provider Horizon3.ai.

Cisco has appointed Sean Duca as CISO and Practice Leader for the APJC region.

More People On The Move

Expert Insights