BEC Costs UK Firms £140M Over Past Year
Reported business email compromise (BEC) incidents have hit 4600 cases over the past 12 months, costing individuals and businesses £138m in losses, according to new figures from the UK’s National Economic Crime Centre (NECC).
The government body is working with the National Crime Agency (NCA), City of London Police, banking group UK Finance and fraud prevention non-profit Cifas on a new campaign to raise awareness of the crime, also dubbed “mandate fraud” or “payment diversion fraud.”
It claimed that the average amount lost over those 4600 cases was £30,000, with criminals typically impersonating others and creating or amending invoices to trick victims into diverting money to accounts under their control.
Often, legitimate email accounts are hijacked via phishing or impersonated using techniques like typosquatting to add legitimacy to the money transfer request.
The NECC claimed that spikes in fraud usually occur in March and November, to coincide with financial year-ends.
“Payment diversion fraud is increasing, and it is vital that people are alive to the threat. Small and medium-sized businesses are most at risk due to less comprehensive IT security, but these criminals will also target home-buyers due to