ICC hit by phishing scam, loses around USD 2.5 million
Jan 20, 2023
Dubai [UAE], January 21 : The International Cricket Council (ICC) was the target of cybercrime involving a wire transfer of a sizeable sum of money, roughly USD 2.5 million.
As per ESPNcricinfo the alleged scam originated in the USA and took place in 2022, albeit the precise amount involved has not been verified.
Business e-mail compromise (BEC), also known as e-mail account compromise, is the method that fraudsters used to carry out the financial scam. According to the Federal Bureau of Investigation (FBI), BEC is "one of the most financially destructive online crimes."
The ICC is keeping quiet about the matter because law enforcement in the USA has been notified of the possible fraud, and an investigation is currently being conducted. The ICC Board was informed about the incident last year, it has been discovered.
It is yet unknown exactly what steps the fraudsters used to transfer the money from the ICC account, including whether they directly contacted someone at the head office in Dubai or chose to target an ICC vendor or consultant. Furthermore, it is unclear if the transaction was a single payment or a number of wire transactions.
It is yet unknown exactly what steps the fraudsters used to transfer the money from the ICC account, including whether they directly contacted someone at the head office in Dubai or chose to target an ICC vendor or consultant. Furthermore, it is unclear if the transaction was a single payment or a number of wire transactions.
A BEC scam is a type of phishing in which organisations and people are duped into sending wire transfers. In a Congressional Report (filed to the US government) from last November, the FBI reported that in 2021, BEC-related claims to its Internet Crime Control Center totalled more than USD 2.4 billion.
In the report, the FBI stated BEC scams usually involve, as quoted by ESPNcricinfo said, "Spoofing of a legitimate, known e-mail address or the use of the a nearly identical address to appear as someone known to or trusted by the victim. BEC scams are initiated when a victim receives false wire instruction from a criminal attempting to redirect legitimate payments to a bank account controlled by fraudsters."
According to the FBI research, the BEC scam is quickly evolving as perpetrators become increasingly "skilled". The impersonation of vendor e-mails, spoofed lawyer e-mail accounts, theft of payroll funds, targeting of the real estate sector, and fraudulent requests for sizable amounts of gift cards are all examples of how the scam has advanced from spoofed e-mails allegedly from chief executive officers requesting wire payments to fraudulent locations.