Versions of CEO fraud attacks Essay

Versions of B.E.C. (aka Man in the Middle or CEO Fraud)
Version 1
A business, which often has a long standing relationship with a supplier, is asked to wire funds for invoice payment to an alternate, fraudulent account. The request may be made via telephone, fax, or email. If an email is received, the subject will spoof the email request so it appears very similar to a legitimate account and would take very close scrutiny to determine it was fraudulent. Likewise, if a facsimile or telephone call is received, it will closely mimic a legitimate request. This particular version has also been referred to as "the bogus invoice scheme," "the supplier swindle," and "invoice modification scheme."
Version 2
The email accounts of high-level business executives (CFO, CTO, etc.) are compromised. The account may be spoofed or hacked. A request for a wire transfer from the compromised account is made to a second employee within the company who is normally responsible for processing these requests. In some instances a request for a wire transfer from the compromised account is sent directly to the financial institution with instructions to urgently send funds to bank "X" for reason "Y." This particular version has also been referred to as "CEO fraud," "business executive scam," "masquerading," and "financial industry wire frauds."
Version 3
An employee of a business has his/her personal email hacked. Requests for invoice payments to
fraudster controlled bank accounts are sent from this employee's personal email to multiple vendors identified from this employee's contact list. The business may not become aware of the fraudulent requests until they are contacted by their vendors to follow up on the status of their invoice payment.
Version 4
A fourth version of this scam has recently been identified based on victim complaints. Victims report being contacted by fraudsters, who typically identify themselves as lawyers or representatives of law firms and claim to be handling confidential or time sensitive matters. This contact may be made via either phone or email. Victims may be pressured by the fraudster to act quickly or secretly in handling the transfer of funds. This type of B.E.C. scam may occur at the end of the business day or work week or be timed to coincide with the close of business of international financial institutions.
Version 5
B.E.C. victims recently reported receiving fraudulent emails requesting either all Wage or Tax Statement (W2) forms or a company list of Personally Identifiable Information (PII) prior to a traditional BEC incident. These fraudulent requests are usually sent utilizing a business executive's spoofed email. The entity in the business organization responsible for the W2 and/or PII, HR, bookkeeping or auditing section, is the targeted recipient of the fraudulent request. Victims report they have fallen for the W2PII twist even if they were able to successfully identify and avoid the traditional B.E.C. incident. The B.E.C. W2PII twist appears to be timed for the tax season. This new twist, at this time, does not appear to link with other tax scams.