Three examples of business email compromise (BEC)

Security challenges

Business email compromise (BEC) is one of the most financially damaging cybercrimes of the twenty-first century, causing over $1.8 billion worth of losses to businesses last year alone. Unfortunately, in recent years, cases of BEC seem to have become more prevalent than ever before. In fact, since January 2015, there has been a shocking 1,300% increase in identified losses from BEC attacks.

In this article, we'll take a look at three of the top business email compromise examples from the last few years and share our expert tips on how you can protect your organization. 

The three top BEC attacks in recent years

1) Obinwanne Okeke: $11 million

From the outside, Obinwanne Okeke appeared to be a successful entrepreneur. The reality, however, is much more sinister. FBI investigators discovered that some of Okeke's business ventures were the result of fraud or theft.

In 2018, Okeke sent a phishing email to the Chief Financial Officer (CFO) of a London construction equipment distributor. Within the email was a link to a legitimate looking website that Okeke controlled. The CFO logged in and unknowingly shared their details with Okeke, who then took control of the CFO's email account and sent invoices requesting millions of dollars.

The money transfers went directly into overseas accounts, meaning that UK law enforcement couldn't aid in recovering them. As such, the company lost $11 million.

2) Guillermo Perez: $2.2 million

26-year-old Houston resident, Guillermo Perez, was arrested in June 2021 in connection with a multi-million dollar wire fraud and money laundering scam involving BEC.

From October 2018 to October 2019, Guillermo and his co-conspirators allegedly tricked their victims - via spoofed emails - into transferring money to bank accounts he controlled. Perez then reportedly opened a fraudulent business bank account and wired the stolen $2.2 million to it, attempting to cover up the origin of the money.

3) Noel Chimezuru Agoha, Sessieu Ange Oulai and Kelechi Arthur Ntibunka: $1.1 million

Three Maryland residents face federal indictment for crimes involving BEC, which defrauded victims out of $2.3 million.

From August 2016 to December 2018, Agoha, Oulai and Ntibunka sent spoofed emails and made fraudulent phone calls to businesses. The three men posed as representatives of clients, who these organizations regularly dealt with, and requested victims to transfer money into drop accounts. The indictment alleges that the defendants stole over $1.1 million as a result of their BEC scams.

How to prevent business email compromise

BEC presents a significant financial risk to businesses and, as cybercriminals' scams become increasingly sophisticated, they're catching more employees out. Worryingly, invoice and payment fraud BEC attacks increased by more than 75% in the first three months of 2020. 

So, what can you do to defend your organization?

  • Invest in a company domain. Don't use free, web-based email addresses for your business. These are easier for hackers to impersonate. It's also worth purchasing any similar company domains so cybercriminals can't use them to fool your employees.
  • Utilize multi-factor authentication. Require users to provide two or more pieces of information to log-in as this will make it trickier for cybercriminals to compromise their accounts.
  • Forward emails instead of replying. Don't reply directly to suspicious emails. Instead, forward them to the sender's correct email address.
  • Don't open suspicious emails. Ignore emails from senders you don't know (when possible). However, if you must read them, don't open attachments directly onto your device as they could install malware.
  • Create processes. Put a policy in place that requires employees to seek internal approval to carry out wire transfers and share confidential information.
  • Be observant. If your client suddenly asks you to begin using their personal email address when all previous conversation has gone through a business account, this could be a sign of an impostor. If you're not sure, verify the request directly with the sender using a different contact method.

Learn more about how to prevent business email compromise

Cybercrime is constantly evolving, so you must stay in the know. 

Visit the Egress phishing hub to read expert advice and learn more about the latest email scams. Protect yourself and your data today.