FBI: Business Email Compromise Tops Online Fraud Losses in 2017

June 7, 2018

2017 was a milestone year for the FBI’s Internet Crime Complaint Center (IC3)—and it wasn’t necessarily a good thing. On Oct. 12, 2017, at 4:10pm, the IC3 received its 4 millionth consumer internet crime complaint.

The IC3 was established in May 2000 to receive complaints of Internet crime. Over the last five years, the IC3 has received an average of more than 284,000 complaints per year. According to the FBI’s 2017 Internet Crime Report, the IC3 received a total of 301,580 complaints with reported losses exceeding $1.4 billion last year.

“We want to encourage everyone who suspects they have been victimized by online fraudsters to report it to us,” says IC3 chief Donna Gregory. “The more data we have, the more effective we can be in raising public awareness, reducing the number of victims who fall prey to these schemes, and increasing the number of criminals who are identified and brought to justice.”

The top three crime types by volume reported by victims in 2017 were non-payment/non-delivery, personal data breach and phishing.

More importantly to the title and settlement services industry, Business Email Compromise (BEC)/Email Account Compromise (EAC) was the top crime in 2017 with the highest reported loss at more than $675 million.

BEC is a sophisticated scam targeting businesses that regularly perform wire transfer payments. The Email Account Compromise (EAC) variation of BEC targets individuals who regularly perform wire transfer payments.

Both scams typically involve one or more fraudsters, who compromise legitimate business email accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds. Because the techniques used in the BEC and EAC scams have become increasingly similar, the IC3 began tracking these scams as a single crime type in 2017.

Fraudulent transfers conducted as a result of BEC and EAC have been routed through accounts in many countries with a large majority traveling through Asia.

BEC and EAC are constantly evolving as scammers become more sophisticated. In 2013, victims indicated the email accounts of chief executive officers or chief financial officers were hacked or spoofed, and fraudulent emails were sent requesting wire payments be sent to fraudulent locations. In 2014, victims reported personal email accounts were being compromised, and fraudulent requests for payment were sent to vendors identified out of their personal contact lists. In 2015, victims reported being contacted by subjects posing as lawyers or law firms instructing them to make secret or time sensitive wire transfers.

In real estate transactions, fraudsters assume the identity of the title agent or real estate agent handling the sale. The criminals forge the person’s email and other details that appear specific and authentic. Next, posing as the real estate or title agent, the scammers send an email to the buyer, providing wire instructions to the criminal’s bank account, not that of the title agency’s legitimate account.

Contact ALTA at 202-296-3671 or communications@alta.org.