Business Email Compromise: A Global Menace

The Scale of Financial Crime — Part 4

March 14, 2024 by Nasdaq Verafin

First identified in the early 2010s by the FBI as a financial cyber threat, Business Email Compromise (BEC) has evolved into a global menace to the integrity of our financial system. Nasdaq’s 2024 Global Financial Crime Report attributed $10 billion in losses to cyber-enabled scams last year alone, with BEC comprising the bulk of that number at $6.7 billion globally. Shouldered by organizations of all sizes, from massive corporations to mom-and-pop businesses, government departments, non-profits, academic institutions, and title companies, BEC is pervasive — and its impacts are greater than financial loss.

Losing More than Money

BEC has life-changing consequences. From financial ruin to lost business, lawsuits, and the risk of further data breaches, the repercussions can severely impact the reputation and growth of an organization. Clients of the company may be affected, jeopardizing major purchases such as property transactions, and in severe cases the business may not survive the financial loss, risking the careers and earnings of employees. No dollar value can capture this toll. It is immeasurable — and preventable.

Business Email Compromise is Evolving

A form of authorized push payment (APP) fraud, BEC has grown more sophisticated and lucrative over the past decade as bad actors have improved phishing tactics, honed email spoofing, and increasingly collaborated and abused emerging technology such as artificial intelligence and cryptocurrency. Unfettered by laws or regulations, criminals have escalated their deceit beyond using just fake CEO business emails to utilize social engineering techniques, targeting transactions of all kinds.

A sub-category of BEC fraud, Real Estate Wire Fraud (REWF), has become a preferred method for criminals given the high value of real estate transactions. This form of BEC fraud can be catastrophic, with individuals often losing their savings and the home involved in the purchase. In the Nasdaq report, Lilah Jones, a victim of REWF, shares how the experience jeopardized over $120,000 and her dream home.

“Don’t assume it can’t be you. No matter what you do for a living, or where you are in your life or how efficient you think you are — nobody is above being scammed.”
– Lilah Jones, Business Email Compromise Survivor

Fighting Business Email Compromise: Tips for Financial Institutions

Financial institutions are critical in the fight to prevent the life-changing consequences of BEC and other forms of APP fraud. Awareness, technology, and collaboration are pivotal to decisive action.

Promote Awareness
Awareness of the warning signs of social engineering is a powerful first defense against BEC. Ensuring your staff can recognize red flags of common tactics, such as phishing, and encouraging your customers and corporate clients to learn the same is key to preventing a BEC attempt in its initial stages — before funds are moved.

Implement Effective Fraud Controls
Given the potentially lifechanging consequences of BEC, having an effective financial crime management platform in place is essential. Your solution should provide robust prevention over commonly exploited channels, such as wire, and combine behavioral evidence with consortium insights to allow you to truly understand the risk associated with a payor and payees who do not bank at your institution. Together with intelligent segmentation that considers the behaviors characteristic for businesses and title companies, and real-time analysis, you can interdict a suspicious payment before the funds leave your institution.

Collaborate to Fight Back
By collaborating and sharing information under the safe harbor authorized by section 314(b) of the USA PATRIOT Act, financial institutions can overcome siloes that hinder prevention and gain key insights into BEC attempts and other financial crimes spanning multiple institutions.

BEC is a major global concern. To protect customers and the integrity of our financial system, collective action by financial institutions and the industry at large is critical.


The Scale of Financial Crime Blog Series

Read the rest of the Scale of Financial Crime series — 5-minute blogs with key insights from the 2024 Global Financial Crime Report and tips for your financial institution to respond.

[Part 1] A $3.1 Trillion Financial Crime Epidemic
A quick overview of the world’s multi-trillion-dollar epidemic and its human impacts.

[Part 2] Romance Scams: A Heartless Reality
As romance scams cause billions in losses, the emotional toll is immeasurable.

[Part 3] Elder Fraud: Prevalent & Preventable
Elder fraud is drastically underreported — and still a $77.7 billion global issue.

[Part 5] Human Trafficking: A Humanitarian Crisis
Human trafficking is a $346.7 billion criminal enterprise where profit is above all else.

[Industry Commentary] Turning the Tide: Expert Insights on $3.1T in Financial Crime
Dive deeper into the Global Financial Crime Report with perspectives from industry experts.

Nasdaq Verafin provides cloud-based Financial Crime Management Technology solutions for Fraud Detection, AML/CFT Compliance, High-Risk Customer Management, Sanctions Screening and Management, and Information Sharing. More than 2,500 financial institutions globally, representing more than $8T in collective assets, use Nasdaq Verafin to prevent fraud and strengthen AML/CFT efforts. Leveraging our unique consortium data approach in targeted analytics with artificial intelligence and machine learning, Nasdaq Verafin significantly reduces false positive alerts and delivers context-rich insights to fight financial crime more efficiently and effectively. To learn how Nasdaq Verafin can help your institution fight fraud and money laundering, call 1-877-368-9986.