According to the FBI, between June 2016 and July 2019, a total of $43,312,749,964 was lost to business email compromise (BEC) scams between June 2016 and July 2019. During this period, 241,206 domestic and international incidents were reported to the (IC3) Internet Crime Complaints Centre.
BEC fraud continues to increase every year, with a 65% increase in detected global losses between July 2019 and December 2021.
IC3 2021 Internet Crime Report identifies BEC fraud as the cybercrime type with the highest reported total victim losses in 2021.
Victims reported losses of nearly $2.4 billion in 2021, based on 19,954 registered complaints related to BEC attacks on individuals and businesses.
The FBI report identified some countries to which the stolen funds were transferred.
“Based on the financial data reported to the IC3 for 2021, banks located in Thailand and Hong Kong were the primary international destinations of fraudulent funds. China, which ranked in the top two destinations in previous years, ranked third in 2021, followed by Mexico and Singapore,” the FBI said.
Steps users can take to protect themselves from BEC scams include activating multifactor authentication to verify account information changes, and ensuring that the URL in emails is linked to the company / individual it purports to come from.
The sources for this piece include an article in BleepingComputer.