Nearly 300 cyber crooks have been arrested for duping businesses and individuals out of millions of dollars in a worldwide wire transfer scam dismantled by a federal law enforcement operation, the U.S. Justice Department said.
The crooks used a business email compromise (BEC) swindle to trick unwitting victims with access to company finances into wiring money to bank accounts thought to belong to trusted partners but actually controlled by the criminals. A four-month long investigation dubbed Operation reWired resulted in the arrest of 281 people worldwide, including 74 individuals apprehended in the U.S. with the remainder coming from France, Ghana, Italy, Japan, Kenya, Nigeria, Malaysia, Turkey and the United Kingdom. Of those, 167 were in Nigeria.
Law enforcement seized some $3.7 million in the arrests and disrupted or recovered $118 million in fraudulent wire transfers. The multi-agency campaign included the Federal Bureau of Investigation (FBI), the U.S. Postal Inspection Service, and the departments of Homeland Security, State and Treasury. The dollar amounts are but a fraction of the damage BEC cons inflict on victims annually. According to the Internet Crime Complaint Center (IC3), nearly $1.3 billion in losses were reported in 2018 from BEC and its variant, Email Account Compromise (EAC), nearly twice as much as the prior year. Between October 2013 and December 2016, BEC schemes cost victims more than $5.3 billion globally, according to the IC3.
“The Department of Justice has increased efforts in taking aggressive enforcement action against fraudsters who are targeting American citizens and their businesses in business email compromise schemes and other cyber-enabled financial crimes,” said Deputy Attorney General Jeffrey Rosen. “Anyone who engages in deceptive practices like this should know they will not go undetected and will be held accountable.”
FBI Director Christopher A. Wray had a similar response to the criminal roundup. “Through Operation reWired, we’re sending a clear message to the criminals who orchestrate these BEC schemes,” he said. “We’ll keep coming after you, no matter where you are. And to the public, we’ll keep doing whatever we can to protect you.”
A number of the Operation reWired cases involved international criminal organizations that defrauded small- to large-sized businesses, while others involved individual victims who transferred high dollar funds or sensitive records in the course of business.
The IC3 recommends that users verify all financial requests received by email and also attend to the following:
- Use two-factor authentication to verify any change to account information or wire instructions.
- Check the full email address on any message and be alert to hyperlinks that may contain misspellings of the actual domain name.
- Don’t supply login credentials or personal information in response to a text or email.
- Regularly monitor financial accounts.
- Keep all software and systems up to date.
- Victims of business email compromise schemes are encouraged to contact law enforcement immediately and file a complaint online with the IC3 at bec.ic3.gov. The IC3 staff reviews complaints, looks for patterns or other indicators of significant criminal activity, and refers investigative packages of complaints to the appropriate law enforcement authorities.
Here’s some backstory of Operation reWired:
- Starting in May 2019, law enforcement agents executed over 214 domestic actions including arrests, money mule warning letters, and asset seizures and repatriations totaling nearly $3.7 million.
- Local and state law enforcement partners on FBI task forces across the country, with the assistance of multiple District Attorney’s Offices, also arrested alleged money mules for their role in defrauding victims.
- The cases were investigated by the FBI, U.S. Secret Service, U.S. Postal Inspection Service, ICE’s Homeland Security Investigations (HSI), IRS Criminal Investigation and U.S. Department of State’s Diplomatic Security Service.
Here’s an example of how a BEC scam works:
- Beginning in 2015, two men working remotely from the United Kingdom and Nigeria sent emails to an executive at a Connecticut-based company appearing to be from the company’s CEO, who was also located overseas.
- The purported CEO was requesting a wire transfer of funds. The email looked legitimate, so the company’s controller sent multiple wire transfers totaling more than $500,000. But as it turns out, the CEO’s email account had been spoofed—and the money went straight into accounts managed by the criminals.
“If you saw the email, it would look very legitimate,” said Special Agent Jennifer Boyer, who worked the case out of the FBI’s New Haven Field Office.