FBI Warns of Threat Tactics Similar to Business Email Compromise

The Federal Bureau of Investigation (FBI) issued a warning to companies in the United States about threat actors that are using strategies similar to business email compromise (BEC) to steal various commodities from vendors. Most business email compromise attacks aim to steal money by deceiving victims into transferring payments to fraudsters’ accounts. In 2021, the losses related to business email compromise scams were about $2.4 billion in the United States alone. The amount is based only on over 20,000 complaints received by the FBI. Threat actors in this type of fraud discovered by the FBI use fake acquisition schemes to acquire various products from vendors in the United States.

Threat Tactics Similar to Business Email Compromise

FBI explained in the alert that threat actors are mimicking the email domains of United States-based companies to make mass purchases. The scammers are conscientious enough to utilize fake emails with the identities of real employees, current or former, of companies they impersonate. Defrauded vendors believe they’re executing legal business activities to fulfill purchase orders for distribution. According to the FBI, construction materials, agricultural supplies, computer technology hardware, and solar energy products are the commercially available goods targeted in this fraud. Even though the technological abilities required to fake email addresses are minimal, the threat actors appear to be professional fraudsters familiar with companies’ payments and how to conceal the cheating.

According to the FBI, the cybercriminal threat actors would additionally prolong fraud detection by applying for credit (Net-30 and Net-60 periods) from the seller using forged references and W-9 forms, including income information. After receiving a credit payment term of 30 or 60 days, the fraudsters can begin future purchase orders without paying in advance. Before agreeing to transactions, vendors need to investigate the source of emails. They can obtain the buyers’ contract information from trustworthy sources, including companies’ websites, social media, or online databases) and contact them directly to ask about the buyers’ purchase intent.

With threat actors using tactics like business email compromise to steal sensitive information from various vendors, it’s important for companies always to remain alert to the latest threat landscape and train their employees to identify potential email scams. At SpearTip, our certified engineers work 24/7/365 at our Security Operations Center to monitor companies’ data networks for potential BEC attacks. They are ready to respond to incidents at a moment’s notice. SpearTip’s remediation experts work to restore companies’ operations, reclaim their networks by isolating malware, and recover business-critical assets. Our ShadowSpear Threat Hunting is a critical pre-breach step that evaluates the effectiveness of current security measures, including email systems, to determine the overall health of companies’ environment and prevent breaches.

If your company is experiencing a breach, call our Security Operations Centers at 833.997.7327 to speak directly with an engineer.