The FBI is alerting New Mexico businesses, school districts, and government agencies to be on the lookout for business email compromise (BEC) scams, which so far has cost more than $1 million in the state.
A New Mexico county recently lost approximately $500,000 in a BEC fraud, while a small private school system in the state avoided being scammed out of more than $55,000 through quick action by employees.
So far in 2021 (January-June), 29 BEC incidents were reported in New Mexico with a loss of $1,025,317.
In a typical business email compromise (BEC) scheme, the victim receives an email they believe is from a company they normally conduct business with, but this specific email requests funds be sent to a new account or otherwise alters the standard payment practices.
“Businesses, government agencies, and schools have been through a difficult year, and many are still trying to get back on their feet,” said Special Agent in Charge Raul Bujanda of the Albuquerque FBI Division. “They need to be aware that cyber criminals won’t give them a break. The FBI and our partners urge communities to be vigilant and educate themselves about online scams like BEC.”
If you discover you are a BEC victim, immediately contact your financial institution to request a recall of funds and your employer to report irregularities with payroll deposits.
As soon as possible, file a complaint with the FBI’s Internet Crime Complaint Center at bec.ic3.gov.
All other frauds can be reported to ic3.gov.
To protect yourself from BEC fraud, the FBI advises you to be on the lookout for the following red flags:
– Unexplained urgency
– Last-minute changes in wire instructions or recipient account information
– Last-minute changes in established communication platforms or email account addresses
– Communications only in email and refusal to communicate via telephone or online voice or video platforms
– Requests for advanced payment of services when not previously required
– Requests from employees to change direct deposit information
The FBI also recommends the following tips to help protect yourself and your assets:
– Be skeptical of last-minute changes in wiring instructions or recipient account information.
– Verify any changes and Information via the contact on file — do not contact the vendor through the number provided in the email.
– Ensure the URL in emails is associated with the business it claims to be from.
– Be alert to hyperlinks that may contain misspellings of the actual domain name.
– Verify the email address used to send emails, especially when using a mobile or handheld device, by ensuring the sender’s email address appears to match who it is coming from.
More information can be found at: https://www.fbi.gov/scams-and-safety/common-scams-and-crimes/business-email-compromise