FREDERICK, MD News (1/26/2024) – The City of Frederick recently found itself ensnared in a wire fraud incident, as reported by The Frederick News Post. In connection with a project aimed at establishing a new police headquarters, an undisclosed amount of money was fraudulently transferred. How could the city be tricked into sending likely significant amount of funds to a fraudulent bank account? Likely through a well crafted email.
Sponsored Stories
The technique employed in this wire fraud case was likely Business Email Compromise (BEC), a method highlighted by the Internet Crime Complaint Center (IC3), the FBI’s national hub for reporting cybercrime. BEC is a sophisticated scam that targets both businesses and individuals involved in legitimate fund transfers.
Typically, the scam unfolds when an individual gains unauthorized access to legitimate business or personal email accounts through methods such as social engineering or computer intrusion. Once compromised, the perpetrator conducts unauthorized transfers of funds. However, BEC variations extend beyond mere fund transfers and often involve the compromise of business email accounts for the extraction of sensitive information such as Personally Identifiable Information, Wage and Tax Statement (W-2) forms, and cryptocurrency wallets. In the case of the City of Frederick, the likely attack method involved sending fake invoices to the city, including the contract number and possibly even pretending to be the awardee of the police headquarters contract.
Statistical data reveals a concerning trend in the evolution of BEC scams, affecting entities ranging from small local businesses to larger corporations and personal transactions. Between December 2021 and December 2022, there was a notable 17% increase in identified global exposed losses. The IC3 observed a surge in BEC reporting in 2022, particularly in incidents related to the real estate sector and instances where funds were directly transferred to cryptocurrency exchanges or financial institutions holding custodial accounts for these exchanges.
The BEC scam’s reach extends globally, with reported incidents in all 50 states of the United States and 177 countries. Frauds have been documented in over 140 countries, with primary international destinations for fraudulent funds identified as banks in Hong Kong and China, followed by the United Kingdom, Mexico, and Singapore.
Statistics compiled by the FBI IC3, law enforcement, and financial institutions between October 2013 and December 2022 provide a comprehensive overview of the BEC landscape:
- Domestic and international incidents: 277,918
- Domestic and international exposed dollar loss: $50,871,249,501
- Total U.S. victims: 137,601
- Total U.S. exposed dollar loss: $17,328,435,141
- Total non-U.S. victims: 5,892
- Total non-U.S. exposed dollar loss: $1,454,028,296
Additional data, collected from victim complaints to the IC3 between June 2016 and December 2022, specifically related to the financial transaction component of the complaint form, includes:
- Total U.S. financial recipients: 74,121
- Total U.S. financial recipient exposed dollar loss: $13,034,596,130
- Total non-U.S. financial recipients: 21,122
- Total non-U.S. financial recipient exposed dollar loss: $8,451,345,479
In 2022, the average loss attributable to BEC incidents exceeded $123,000, emphasizing the financial impact and sophistication of this prevalent form of cybercrime.
Article by multiple RFHC contributors.
Discover more from Radio Free Hub City
Subscribe to get the latest posts sent to your email.