Updated Online Fraud Advisory: Business E-mail Compromise Scam

Thu, 2018-04-12

Detective Superintendent Sean Field-Lament of the Bermuda Police Service (BPS) Crime Division - “I wish to continue to raise awareness of the Bermuda business community in regards to an emerging cyber threat named ‘Business Email Compromise’ (BEC), also called ‘CEO fraud’.

The Organized and Economic Crime Department (OECD) has now received four reports in the last 2 weeks from local businesses regarding significant cyber-enabled fraud incidents.

Two frauds resulted in the loss of $1.3M (million) and $4M (million) in separate incidents, and the other two attempts at different businesses were discovered before funds were actually transferred.

The BPS would encourage all companies to robustly review their business processes to guard against this type of cyber-crime.

The scam is a well-known fraud and is carried out by compromising legitimate business e-mail accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.

It targets businesses that work with foreign suppliers and/or regularly perform wire transfer payments.

It has resulted in numerous businesses attacked worldwide, including in all 50 U.S. states and in over 100 countries.

It appears that scammers are making attempts at local businesses but there is no suggestion that Bermuda is being targeted generally.

Bermuda is not immune to BEC scams. We have had several variations of the fraud reported in the last few years, and we are working with the FBI on the latest incidents.”