FBI warns of BEC attackers impersonating CEOs in virtual meetings


The Federal Bureau of Investigation (FBI) warned today that US organizations and individuals are being increasingly targeted in BEC (business email compromise) attacks on virtual meeting platforms.

BEC scammers are known for using various tactics (including social engineering, phishing, and hacking) to compromise business email accounts with the end goal of redirecting payments to their own bank accounts.

In this type of attack, the crooks target small, medium, and large businesses alike, as well as individuals. The success rate is also very high since the fraudsters usually pose as someone the employees trust, like business partners or CEOs.

Crooks impersonating CEOs in virtual meetings

In a Public Service Announcement issued today, the FBI said it noticed scammers switching to virtual meeting platforms, matching the overall trend of businesses moving to remote work during the pandemic.

“Between 2019 through 2021, the FBI IC3 has received an increase of BEC complaints involving the use of virtual meeting platforms to instruct victims to send unauthorized transfers of funds to fraudulent accounts,” the FBI said [PDF].

As explained in the FBI’s PSA, criminals are using such collaboration platforms in their attacks in various ways, including impersonating CEOs in virtual meetings and infiltrating meetings to harvest business information:

  • Compromising an employer or financial director’s email, such as a CEO or CFO, and requesting employees to participate in a virtual meeting platform where the criminal will insert a still picture of the CEO with no audio, or “deep fake” audio, and claim their video/audio is not properly working. They then proceed to instruct employees to initiate transfers of funds via the virtual meeting platform chat or in a follow-up email.
  • Compromising employee emails to insert themselves in workplace meetings via virtual meeting platforms to collect information on a business’s day-to-day operations.
  • Compromising an employer’s email, such as the CEO, and sending spoofed emails to employees instructing them to initiate transfers of funds, as the CEO claims to be occupied in a virtual meeting and unable to initiate a transfer of funds via their own computer.

BEC scams behind record financial losses

According to the FBI’s 2020 annual report on cybercrime, BEC scams are a very lucrative “business,” seeing that BEC attacks were behind a record number of complaints and financial losses of roughly $1.8 billion.

This was the lion’s share out of the $4.2 billion officially lost to cybercrime by Americans in 2020.

Out of 791,790 complaints received by the FBI’s Internet Crime Complaint Center (IC3), 19,369 complaints were about BEC or email account compromise (EAC) scams.

The FBI also warned US private sector companies in March 2021 about BEC attacks increasingly targeting state, local, tribal, and territorial (SLTT) government entities.

In previous alerts, the FBI said BEC scammers abuse cloud email services such as Google G Suite and Microsoft Office 365, as well as email auto-forwarding in their attacks.