Scammers Behind €10 Million BEC Fraud Arrested in Spain

by chebbi abir

Three people, part of a Business Email Compromise (BEC) scammer group that stole roughly €10.7 million ($11,900,000) from 12 companies, were arrested in Spain by the Guardia Civil as part of Operation Lavanco.

BEC (otherwise known as Email Account Compromise, CEO fraud, or CEO impersonation) fraud schemes are scams that allow crooks to trick a company’s employees to wire out funds to attacker-controlled bank accounts they control via computer intrusion or by using social engineering.

The Spanish Civil Guard is also currently investigating a fourth individual suspected of being involved in the group’s illegal operations that affected businesses from 12 countries, including Belgium, Venezuela, Bulgaria, Norway, the United States, Germany, Luxembourg, Portugal, Chile, and the United Kingdom.

All individuals found to be part of this BEC scam group face multiple charges for “belonging to a criminal organization, continued scam, money laundering, discovery and disclosure of secrets, documentary falsehood and usurpation of marital status.” The crooks are between 34 and 67 years of age and they come from multiple Spanish provinces like Seville, Cuenca, Tarragona, and Albacete.

The BEC scammers requested wire transfers to bank accounts they controlled using the victim companies’ manager accounts, using credentials stolen in spear-phishing attacks and custom invoices with the targeted organization’s letterhead.

€1,290,000 recovered so far

“To launder the money, the organization had created a complex financial framework of companies and bank accounts. Researchers have come to identify a total of 83 companies and 185 bank accounts related to this scam,” says a Civil Guard press release [automated translation].

“In order not to be detected, the course of the scammed money suffered a continuous movement between these accounts. So far, the Civil Guard has been able to recover 1,290,000 euros, divided into 16 accounts of the band that have already been blocked.”

The proceeds coming from their BEC fraud operation were later laundered by the scam group by purchasing real estate also details the Spanish Civil Guard.

The Lavanco operation, a coordinated effort of multiple law enforcement agencies from several countries, began in 2016 and it was coordinated by the Guardia Civil from the Lugo Command Center, with the collaboration of Europol and Interpol.

The investigation also involved multiple law enforcement bodies from all over the world such as the U.S. Federal Bureau of Investigation (FBI) or the German Federal Criminal Police Office (BKA, short for Bundeskriminalamt).

One small part out of a $26 billion scam

Last month, 281 people were arrested over four months in the U.S. and other countries from all over the world as part of Operation reWired, a similar coordinated law enforcement to disrupt Business Email Compromise (BEC) schemes.

Operation Wire Wire that was announced in June 2018, was the first enforcement action that targeted hundreds of BEC scammers and led to the arrest of 74 individuals, the seizure of around $2.4 million, and the disruption and recovery of approximately $14 million in fraudulent wire transfers.

Such attacks target both individuals and businesses indiscriminately, from the smallest firms to high-profile global corporations large businesses, and they have a high success rate due to the fraudsters’ option to pose as someone trusted like the company’s CEO or a business partner.

FBI’s Internet Crime Complaint Center (IC3) said that victim complaints related to 166,349 domestic and international incidents were received between June 2016 and July 2019, with a total exposed dollar loss of more than $26 billion, in a BEC public service announcement issued in September.

Statistics reported in victim complaints to the IC3 between June 2016 and July 2019:
Domestic and international incidents: 166349
Domestic and international exposed dollar loss: $26,201,775,589.00

The Financial Crimes Enforcement Network (FinCEN) also published a report in July stating that BEC SAR (short for suspicious activity reports) filings have risen from a $110 million monthly average in 2016 to over $301 million each month during last year.

Fighting off BEC scammers

Organizations have to implement strict vendor processes for authenticating and checking payment info changes via multiple methods to ensure that their employees aren’t deceived by BEC scammers.

These methods include direct phone calls or face-to-face meetings each time a modification to payment information is discovered.

If you have become the victim of a BEC scam, you have to immediately contact your financial institution “to request a recall of funds and your employer to report irregularities with payroll deposits” according to the FBI.

The federal agency also recommends to “file a complaint regardless of the amount with or, for BEC/EAC victims,”



To read the original article:


Interdit de copier  ce contenu