A global stop-payment mechanism established by INTERPOL has successfully recovered over $40 million stolen in a BEC attack targeting a company in Singapore. According to INTERPOL, this represents the largest recovery of funds stolen through a Business Email Compromise (BEC) scam to date.
BEC scams are cyberattacks in which criminals redirect legitimate corporate payments to bank accounts they control. These attacks occur when threat actors compromise a vendor’s or company’s email address, deceiving billing departments into updating banking information for payments. Once the payments are made, the attackers swiftly utilize money mules to drain the accounts or transfer the funds to multiple other accounts under their control.
The 2023 FBI IC3 Report indicated 21,489 complaints, with reported losses amounting to $2.9 billion due to business email compromise in 2023.
I-GRIP recovers over $40 million
INTERPOL announced that a commodity firm based in Singapore fell victim to a BEC attack after receiving what appeared to be an email from their supplier.
“On 15 July, the firm received an email from a supplier requesting that a pending payment be sent to a new bank account based in Timor Leste,” the announcement stated.
“However, the email came from a fraudulent account with a slightly altered spelling from the supplier’s official email address.”
Believing the request was legitimate, the firm wired $42.3 million to the attacker-controlled bank accounts. Four days later, they realized they had been deceived.
After reporting the incident to Singaporean authorities, law enforcement utilized INTERPOL’s Global Rapid Intervention of Payments (I-GRIP) to seek assistance from Timor Leste authorities, resulting in the recovery of $39 million from the BEC attack.
Further investigations by Timor Leste authorities led to the arrest of seven suspects and the recovery of an additional $2 million, bringing the total recovered amount to $41 million.
In June, a global police operation named “Operation First Light” resulted in the arrest of 3,950 individuals for their suspected involvement in phishing, pig butchering scams, fake online shopping sites, and romance and impersonation scams.
I-GRIP was also instrumental during the operation, helping to recover millions of dollars stolen by threat actors. Since its launch in 2022, I-GRIP has facilitated the recovery of over $500 million stolen through fraud and cybercrime.
Source: BleepingComputer, Lawrence Abrams
