by Avi Gesser, Zila Reyes Acosta-Grimes, Christopher S. Ford, Robert Maddox, and Brenna Rae Sooy
On June 9, Calvin A. Shivers, Assistant Director of the Criminal Investigative Division of the FBI, testified before the Senate Judiciary Committee regarding a variety of frauds during COVID-19, including Business Email Compromise (“BEC”) frauds and the FBI’s response.
BECs are among the most successful and persistent forms of cyber attacks. Indeed, the FBI has seen increases in cyber-enabled financial fraud like BECs every year since 2013. In 2019 alone, the FBI reported (PDF: 2.87 MB) 23,775 BECs and email account compromise complaints that led to adjusted losses of over $1.7 billion. For example, on May 13, the Norwegian Investment Fund for developing countries, Norfund, announced it was the victim of a BEC fraud, whereby cyber criminals diverted a $10 million loan intended for a microfinance institution in Cambodia. The fraud took place on March 16, but it was not discovered until April 30 when the hackers attempted a second fraud. Further, on April 6 and April 13, the FBI warned that, due to COVID-19-related disruptions, many businesses have become more vulnerable to BECs.