DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Operation reWired: Worldwide Sweep Targets Business Email Compromise

Posted on September 10, 2019 by Dissent

The FBI and federal partners today announced scores of arrests in the United States and overseas in a coordinated law enforcement sweep targeting perpetrators of an insidious scam that tricks businesses and individuals into wiring money to criminals.

Operation reWired, a months-long, multi-agency effort to disrupt and dismantle international business email compromise (BEC) schemes, resulted in 281 arrests, including 74 in the United States, officials announced. Arrests were also made in Nigeria, Turkey, Ghana, France, Italy, Japan, Kenya, Malaysia, and the United Kingdom. The sweep resulted in the seizure of nearly $3.7 million and the disruption and recovery of approximately $118 million in fraudulent wire transfers.

These sophisticated cyber-enabled scams often target employees with access to company finances and—using methods like social engineering and computer intrusions—trick them into making wire transfers to bank accounts thought to belong to trusted partners. The accounts are actually controlled by the criminals.

The operation follows last year’s Operation WireWire, a similar effort that led to total 74 arrests and the seizure of $2.4 million. Thirty-nine of the FBI’s 56 field offices participated in this year’s sweep alongside state and local task force officers and partner agencies, including the Department of Homeland Security, Department of State, Department of the Treasury, and the U.S. Postal Inspection Service.

The effects of this crime are far-reaching, and the dollar amounts involved are staggering. Since the Internet Crime Complaint Center (IC3) began formally tracking BEC (and its variant, email account compromise, or EAC) in 2013, it has gathered reports of more than $10 billion in losses from U.S. victims alone. The worldwide tally is more than $26 billion.

“The FBI is working every day to disrupt and dismantle the criminal enterprises that target our businesses and our citizens,” said FBI Director Christopher Wray. “Through Operation reWired, we’re sending a clear message to the criminals who orchestrate these BEC schemes: We’ll keep coming after you, no matter where you are.”

Criminal organizations that perpetrate BEC schemes don’t just target companies. They also exploit individual victims—such as real estate purchasers or the elderly—by convincing them to make wire transfers to bank accounts controlled by the criminals. The scam can also involve requests to purchase gift cards and send the serial numbers or to mail a check, but the request will always appear to come from someone known to or trusted by the victim.

“Through Operation reWired, we’re sending a clear message to the criminals who orchestrate these BEC schemes: We’ll keep coming after you, no matter where you are.”

FBI Director Christopher Wray

An FBI case that was part of last year’s operation illustrates how the BEC scheme works: Beginning in 2015, two men working remotely from the United Kingdom and Nigeria sent emails to an executive at a Connecticut-based company appearing to be from the company’s CEO, who was also located overseas. The purported CEO was requesting a wire transfer of funds. The email looked legitimate, so the company’s controller sent multiple wire transfers totaling more than $500,000. But as it turns out, the CEO’s email account had been spoofed—and the money went straight into accounts managed by the criminals.

“If you saw the email, it would look very legitimate,” said Special Agent Jennifer Boyer, who worked the case out of the FBI’s New Haven Field Office. She encouraged anyone who is in a position to wire money to pause and question all requests before hitting send.

“Take a moment to consider that maybe it’s not your boss and pick up the phone and verify,” said Boyer. “It’s that second-factor authentication that people really need to implement, and so many people don’t.”

In addition to verifying all financial requests received by email, the IC3 recommends businesses and individuals:

  • Use two-factor authentication to verify any change to account information or wire instructions.
  • Check the full email address on any message and be alert to hyperlinks that may contain misspellings of the actual domain name.
  • Don’t supply login credentials or personal information in response to a text or email.
  • Regularly monitor financial accounts.
  • Keep all software and systems up to date.

Victims of business email compromise schemes are encouraged to contact law enforcement immediately and file a complaint online with the IC3 at bec.ic3.gov. The IC3 staff reviews complaints, looks for patterns or other indicators of significant criminal activity, and refers investigative packages of complaints to the appropriate law enforcement authorities.

Resources

  • DOJ Press Release: 281 Arrested Worldwide in Coordinated International Enforcement Operation Targeting Hundreds of Individuals in Business Email Compromise Schemes
  • IC3 PSA: Business Email Compromise (9/10/19)
  • IC3 BEC Complaint Form: bec.ic3.gov
  • Internet Crime Complaint Center (IC3) Website: ic3.gov
  • FBI Story: Operation WireWire

Source: FBI

Category: Commentaries and AnalysesOf NotePhishing

Post navigation

← Credit card data from Russell Stover breach shows up for sale on the dark web
WI: Email hack sends strange message to students at Marquette University →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Why Dumping Sensitive Data on Network Shares is a Liability
  • A militarily degraded Iran may turn to asymmetrical warfare – raising risk of proxy and cyber attacks
  • Pro-Russian hackers disrupt Dutch government websites ahead of NATO summit
  • Iran-Linked Threat Actors Leak Visitors and Athletes’ Data from Saudi Games
  • UK: Oxford City Council still investigating cyberattack from earlier this month
  • Steelmaker Nucor Says Hackers Stole Data in Recent Attack
  • People’s Republic of China cyber threat activity: Cyber Threat Bulletin
  • Ukrainian Web3 security auditing company Hacken suffered an attack that allowed a hacker to create 900 million HAI tokens
  • McLaren provides written notice to 743,131 patients after ransomware attack in July 2024 (2)
  • A state forensics lab was leaking its files. Getting it locked down involved a number of people.

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Sky Views Personal Data as a Potential Weapon in IPTV Piracy War
  • Florida Used a Nationwide Surveillance Camera Network 250 Times To Aid in Immigration Arrests
  • Federal Court Strikes Down HIPAA Reproductive Health Care Privacy Rule
  • The Markup caught 4 more states sharing personal health data with Big Tech
  • Privacy in the Big Sky State: Montana’s Consumer Privacy Law Gets Amended
  • UK Passes Data Use and Access Regulation Bill
  • Officials defend Liberal bill that would force hospitals, banks, hotels to hand over data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.