74 Arrested in FBI, DOJ BEC Scam Takedown
74 individuals were arrested over the last two weeks for their role in Operation Wire Wire, a law enforcement effort carried out by the FBI to disrupt a multi-million dollar business email compromise (BEC) scam campaign.
The Federal Bureau of Investigation (FBI) worked with law enforcement agencies from four continents over the last two weeks to takedown a ring of cybercriminals responsible for a series of business e-mail compromise (BEC) schemes. According to the Department of Justice, the scams led to a staggering $14 million in phony wire transfers.
The FBI announced the news, the culmination of a six-month investigation, on Monday afternoon.
The effort, dubbed Operation Wire Wire, resulted in the the seizure of $2.4M, 42 arrests across the United States, 29 in Nigeria, and three in Canada, Mauritius, and Poland.
The numbers around BEC scams continue to spike. From January 2015 and December 2016, there was a 2,370% percent increase in identified exposed losses, according to the FBI's Internet Crime Complaint Center. Last month the IC3 said scams in 2017 resulted in a loss of $675M, up from $350M the year before.
It's unclear when exactly the individuals arrested began perpetrating the scams. The FBI began its coordinated enforcement action in January.
Domestically the FBI worked in tandem with the Department of Homeland Security, the Department of the Treasury, and the U.S. Postal Inspection Service to carry out Operation WireWire. The agency recruited the help of local and state law enforcement and district attorney offices when it came to charging money mules in defrauding victims of the scams.
The FBI also thanked the Nigerian Economic and Financial Crimes Commission, the Toronto Police Service, the Mauritian Attorney-General and the Commissioner of Police, Polish Police Central Bureau of Investigation, Indonesian National Police Cyber Crimes Unit, and the Royal Malaysia Police, for assisting them in the operation.
In BEC scams attackers traditionally trick admins and employees with access to company finances to funnel them funds. The elderly, art galleries and collectors, and real estate purchasers have also found themselves targets over the last several years.
In schemes attackers convince victims to transfer money to accounts controlled by the cybercriminals or contract money mules, individuals who may or may not be aware of what they’re doing, to extract and transport the funds.
Building a value-based business case for DLP
23 of the U.S. arrests were made in the state of Florida where individuals reportedly laundered roughly $10M from BEC scams. Another scam in Connecticut resulted in the loss of $2.6 million, including $440K from one victim.
For one attack the FBI enlisted the help of the IRS' Criminal Investigation unit. Those arrested - a pair of Nigerian nationals residing in Texas - allegedly sent a real estate closing attorney an email asking for $246,000 be wired to their account. The victim lost $130,000 after the bank was notified of the fraud and froze $116K; the two were charged in an indictment in Georgia last week.
In another attack an unnamed individual secured access to the email accounts of a Massachusetts real estate attorney. The attacker attempted to trick users into transferring $500K to an account for a real estate transaction to "a shell account belonging to a money mule recruited and controlled by the defendant." The individual, a 25-year-old from Fort Lauderdale, was indicted in a federal court in Boston last week.
While not all of the attacks revolved around real estate scams the ones that did illustrate just how transactions made in that line of work are ripe for attack.
The IC3 saw a 480 percent increase in the number of complaints stemming from the real estate world in 2016. Attacks targeting the sector resulted in $56M last year, a jump from $47K the year prior.
The attacks continue to be profitable for attackers. Collectively BEC (and Email Account Compromise, a.k.a. EAC attacks) have amounted to a loss of over $3.7 billion, according to reports filed to the FBI's IC3.