NCUA issued a Risk Alert (21-RISK-01) this week highlighting a recent bulletin that cybercriminals are targeting organizations that use popular cloud-based email services to conduct Business Email Compromise (BEC) scams. NCUA notes credit unions can take steps to prevent this type of fraud and should report any incidents of fraud immediately to the FBI’s Internet Crime Complaint Center and local FBI field office.
Reporting incidents to the Internet Crime Complaint Center within 24 hours increases the chances of recovery for funds wired under fraudulent pretenses, according to NCUA.
BEC scams are generally initiated through phishing emails designed to steal email account credentials. Cybercriminals use phishing kits that impersonate popular cloud-based email services.
Credit unions can take the following steps to help prevent BEC fraud: