The rise of cybercrime is one of the biggest threats facing organizations today. As companies rely more and more on technology to operate, they become increasingly vulnerable to attacks by cybercriminals looking to exploit weaknesses in their systems. One of the most effective techniques used by these criminals is business email compromise (BEC), which involves impersonating decision-makers and other employees to trick them into making financial transfers.
A recent operation led by Europol has demonstrated just how devastating BEC scams can be. The Franco-Israeli criminal network involved in this operation was responsible for stealing €38 million ($40.3 million) from French companies by posing as CEOs and other executives and diverting payments to their own bank accounts. The gang used sophisticated BEC attacks to compromise the email accounts of their targets and monitor their communications, identifying opportunities to make fraudulent transfers.
Europol, the European Union’s law enforcement agency, has led an international bust that resulted in the arrest of cyber fraudsters who stole €38 million ($40.3 million) by impersonating as company’s CEO. The joint investigation was carried out by law enforcement agencies in France, Hungary, Portugal, Spain, Israel, and Croatia. The fraudsters, believed to be French and Israeli nationals, targeted French companies by posing as decision-makers authorizing transfers of funds.
Arrests and Seizures
During the operation, eight suspects were arrested: six in France and two in Israel. Electronic equipment and vehicles were impounded, and around €5 million was frozen in bank accounts in Portugal, Hungary, Croatia, Spain, and €350,000 in virtual currencies.
How the Fraudsters Operated
The Franco-Israeli criminal network used sophisticated business email compromise (BEC) attacks to execute its cyber fraud scheme. The group allegedly compromised the email accounts of French companies and monitored their communications to identify opportunities to divert payments to their own bank accounts. The fraudsters then impersonated CEOs and other executives and requested last-minute changes to the bank account details, tricking the target company’s employees into transferring the funds to the criminals.
Business email compromise (BEC) is a highly effective scam in the cyber world, and it is estimated that it has cost organizations $26 billion since 2016. It is a fast-growing form of cybercrime where fraudsters impersonate decision-makers and company account department to cheat them into making financial transfers.
BEC scams rely on compromising the email accounts of the target organization to silently monitor communications and identify opportunities such as a pending payment to a contractor. When the time is right, the fraudsters send an email from the compromised user and request the accounting department to make a last-minute change to the receiving bank account details. Alternatively, scammers may impersonate a contractor and request a payment out of the blue or impersonate the CEO to instruct the accountants to make an urgent transfer.
In December 2021, the fraudsters impersonated the CEO of a large French metallurgical company to divert €300,000 to a bank account in Hungary. A few days later, the scammers attempted to steal another €500,000, but the transfer was stopped when the victim realized the fraud and reported it to the police.
In a subsequent case, the fraudsters targeted a real estate developer in Paris, impersonating lawyers who supposedly worked for a renowned accounting company in the country. “Pretending to be consultants, they persuaded the Chief Financial Officer (CFO) to transfer millions of euros abroad. In total, they defrauded the company of almost EUR 38 million in a matter of days.” – Europol.
