The FBI has published a Public Service Announcement (PSA) regarding the increasing practice of Business Email Compromise (BEC) in conjunction with virtual meeting platforms to commit fraud against companies and their employees. Between 2019 through 2021, the FBI received an increase of “BEC complaints involving the use of virtual meeting platforms to instruct victims to send unauthorized transfers of funds to fraudulent accounts.” Cybercriminals began to exploit virtual meeting platforms during the start of the COVID-19 pandemic as many workplaces switched to conducting business virtually.
Cybercriminals exploit virtual meeting platforms to conduct BEC scams in multiple ways, according to the FBI. Criminals compromise employee emails to inject themselves in a workplace meeting on virtual meeting platforms to collect information on a business's day-to-day operations. Compromising an employer's email, such as the CEO, and sending spoofed emails to employees instructing them to initiate transfers of funds, with the fake CEO claiming to be occupied in a virtual meeting. The PSA lists several methods individuals can take to defend against this activity. To report an incident or file a complaint, visit the FBI’s Internet Crime Complaints Center. Read the full PSA here.