{"id":42890,"date":"2022-02-17T13:45:44","date_gmt":"2022-02-17T13:45:44","guid":{"rendered":"https:\/\/bornrealist.com\/?p=42890"},"modified":"2023-01-06T12:44:21","modified_gmt":"2023-01-06T12:44:21","slug":"the-nine-biggest-real-world-examples-of-bec-scams-that-hit-the-organizations-hard","status":"publish","type":"post","link":"https:\/\/bornrealist.com\/the-nine-biggest-real-world-examples-of-bec-scams-that-hit-the-organizations-hard\/","title":{"rendered":"The Nine Biggest Real-world Examples of BEC Scams That Hit the Organizations Hard"},"content":{"rendered":"
Business executives and employees have been victims of business email compromise, which leads to the loss of important information and finances to scammers. BEC is a type of internet phishing scam whose major target is top company CEOs, CIOs, CFO, and more intending to transfer clients\u2019 data or money. Cyber attackers gain access to an organization\u2019s emails and take off with crucial information with the main goal to fleece finances from the organization.<\/p>\n
The FBI has given BEC scam the title \u201c$26 billion scams\u201d because the scam costs businesses an average of $5.2 million per breach. The breach keeps on increasing, with cyber attackers finding sophisticated ways to con employees of organizations. Here are real-world examples of BEC scams.<\/p>\n
Toyota $37M<\/strong><\/p>\n A Toyota subsidiary Toyota Boshoku Corporation became a victim of a\u00a0business email compromise (BEC)\u00a0which led the company to lose $37 million, equivalent to 4 billion Japanese Yen. It is another classic example of BEC where a scammer managed to persuade a financial official of the organization to change the information of the account that will receive the money electronically.<\/p>\n After discovering the fraud, the company began an investigation together with its legal professionals and informed the local authorities.<\/p>\n Toymaker Mattel $3M<\/strong><\/p>\n The email attack successfully managed to trick the toymaker top executive to wire $3 million to a bank account located in Wenzhou, China. An email in the form of a regular business payment request asked the organization\u2019s finance department to complete the transaction.<\/p>\n The email scammer impersonated Mattel CEO, and the employee at the finance department was prompt to act on the request in an attempt to please the new executive. Fortunately, the Chinese law enforcement was able to follow up and managed to recover the amount a week later, saving Mattel from losing the $3 million.<\/p>\n Obinamwe Okeke $11M<\/strong><\/p>\n The celebrated entrepreneur was sentenced in February 2023 for allegedly slamming his victim, an amount leading to $11 million. The scammer was able to use the email addresses of employees and top CEO to perform the phishing scam. With the email credentials in his possession, he was able to log into the accounts of top CEOs, including the CFI of a British company called Unatrac Holding. The scammer wired the money to offshore accounts to avoid the local authorities from tracking and recovering the amount.<\/p>\n Government of Puerto Rico $2.6M<\/strong><\/p>\n The organization reported to the local police department the loss that cost the Puerto Rico Industrial Development Company $2.6 million to scammers. The government agency allegedly received an email suggesting a change in the account details to remit the finances.<\/p>\n The email came from an account that was hacked and belonged to an employee of the Puerto Rico Employment Retirement System. The government came forward and said the agency fell prey to a business email compromise scam. The amount included public pension funds and was frozen by the FBI.<\/p>\n St Ambrose Catholic Church $1.7M<\/strong><\/p>\n The Ohio-based parish also became a victim of the ever-rising business email compromise scam when attackers were able to access the email addresses of two employees. The parish was undertaking a project to make some renovations at a budget of $4 million.<\/p>\n Scammers were able to have a preview of this information and found a way to hack into the employees\u2019 email accounts and successfully divert the payments to their falsified accounts. The church authorities discovered the scam when the contractors mentioned they had not been paired. This is a classic case that tells us the importance of training the employees on basic cybersecurity aspects like setting passwords, using apps, attending to unknown messages or\u00a0buying a new phone<\/a>\u00a0and configuring it to enhance online safety.<\/p>\n Xoom Corporation $30.8M<\/strong><\/p>\n This comes as a surprise because Xoom Corp is a financial institution that fell victim to an email compromise scam that cost the company $30.8 million, leading to the shares going down by 17%. The amount was allegedly transferred to oversee accounts when a fraudulent employee requested targeting the finance department.<\/p>\n The scammer emailed an employee pretending to be the CEO requesting to wire the said amount to the mentioned account for an alleged business deal. It turned out to be a classic case of BEC.<\/p>\n