"The BEC scam continues to grow, evolve, and target businesses of all sizes. Since January 2015, there has been a 1,300% increase in identified exposed losses. The scam has been reported by victims in all 50 states and in 100 countries. Reports indicate that fraudulent transfers have been sent to 79 countries with the majority going to Asian banks located within China and Hong Kong."
"Fraudulent requests are sent utilizing a business executive’s compromised e-mail. The entity in the business organization responsible for W-2s or maintaining PII, such as the human resources department, bookkeeping, or auditing section, have frequently been identified as the targeted recipient of the fraudulent request for W-2 and/or PII. Some of these incidents are isolated and some occur prior to a fraudulent wire transfer request. Victims report they have fallen for this new BEC scenario, even if they were able to successfully identify and avoid the traditional BEC incident. The data theft scenario (Scenario 5) of the BEC first appeared just prior to the 2016 tax season."Other common scenarios include working with a foreign supplier and receiving or initiating a request to conduct a wire transfer. The FBI recommends that companies protect themselves against business email compromise scams by deleting spam, avoiding free web-based email accounts, and limiting the types of information posted on social media. Any company that believes it might have been targeted by a BEC scam should contact their local FBI office as well as their trusted financial institution, the alert concludes.