[BreachExchange] Three Charged in $11 Million BEC Scam

Destry Winant destry at riskbasedsecurity.com
Fri Oct 25 09:59:52 EDT 2019


https://www.databreachtoday.com/three-charged-in-11-million-bec-scam-a-13290

Spanish authorities say they've arrested three individuals on charges
of running a large-scale business email compromise scheme that
targeted a dozen companies around the world to steal about €10 million
($11 million).

The suspects, who are all residents of Spain, allegedly targeted
companies in the U.S., U.K., Belgium, Venezuela, Bulgaria, Norway,
Germany, Luxembourg, Portugal and Chile. The three arrested, who range
in age from 34 to 67, have been charged with "belonging to a criminal
organization, continued scam, money laundering, discovery and
disclosure of secrets, documentary falsehood and usurpation of marital
status," Spanish authorities say.

None of the three suspects were named by the Guardia Civil, Spain's
national police force, which led the investigation.

Over the course of a three-year investigation, dubbed "Lavanco,"
Spanish investigators uncovered a web of over 80 shell companies and
185 bank accounts used as part of the BEC scam, which allegedly helped
the suspects avoid detection and allowed them to launder the any
stolen.

BEC on the Rise

Business email compromise scams, also known as CEO fraud, have become
big money-makers for fraudsters.

A July report from the U.S. Treasury Department found that the scams
are costing U.S. companies a total of more than $300 million a month.

In September, the FBI's Internet Crime Complaint Center noted that
global losses and attempted thefts from BEC scams increased by 100
percent over a 14-month period. And the U.K. National Cyber Security
Center warned in September that schools and universities are also
falling victim to BEC schemes.

How the Scam Worked

Authorities in Spain say the suspects in the BEC scam allegedly began
by stealing credentials of managers at targeted companies using
phishing emails and then taking over their accounts.

Using these stolen executive email credentials, the suspects allegedly
sent fraudulent emails to lower-level employees that requested phony
wire transfers. To give the scam another layer of legitimacy, the wire
transfers were directed to banks with which the victim companies had
previously done business, Spanish authorities say.

The suspects also attached fake invoices that looked legitimate,
Spanish police note. The gang would then allegedly launder the money
they received through various shell companies and bank accounts,
authorities say. They also bought real estate to help launder the
stolen funds, police allege.

Police say that so far, they've recovered about €1.3 million ($1.4
million) in stolen funds from about 16 bank accounts.

Other Recent BEC Arrests

In another recent global BEC crackdown, 281 suspects were arrested as
part of the four-month investigation called "Operation reWired." Most
of the arrests were made in Nigeria, but others were arrested in the
U.K., Italy, Japan, France and elsewhere (see: Business Email
Compromise Crackdown: 281 Suspects Busted).

And in August, the U.S. Justice Department indicted 80 suspects for
running a global business email compromise scam that led to millions
of dollars in fraud and allegedly involved a complex money-laundering
operation (see: 80 Indicted for Scams, Including Business Email
Compromises).


More information about the BreachExchange mailing list