A multi-year business email compromise (BEC) operation has shown how highly organised fraud networks can exploit gaps in payment workflows. Publicly revealed in August 2025, the case highlights the need for layered controls to protect corporate funds.
What happened
From 2016 to 2023, a coordinated BEC campaign deceived organisations into sending funds to fraudulent accounts. The scheme, detailed by Hackread, targeted businesses across multiple industries and revenue sizes.
Fraudulent payment instructions were designed to appear legitimate, often accompanied by convincing documentation. Once funds were transferred, they moved through several accounts — frequently starting in the U.S. — before being sent offshore, making recovery extremely difficult. Losses exceeded $100 million, and the operation remained active for years without detection.
The investigation revealed a disciplined operation that relied on precision targeting and well-rehearsed payment fraud techniques.
How the BEC scheme worked
The attackers combined technical deception with carefully planned social engineering to make fraudulent payment requests appear routine and legitimate.
- Email spoofing and impersonation to convincingly pose as executives, vendors, or trusted partners
- Authentic-looking documentation including forged authorisation letters to reinforce credibility
- Multi-stage social engineering to build trust over several interactions before requesting payment
- Structured laundering networks to rapidly move funds through intermediaries, obscuring their trail
This combination of technical precision and human manipulation enabled attackers to bypass standard payment approval processes.
Impact for finance teams
For finance leaders, the true cost of BEC extends beyond the immediate loss of funds.
- direct financial losses that are often unrecoverable
- operational disruption from urgent investigations and payment recalls
- strained vendor relationships due to delayed or diverted payments
- reputational challenges if stakeholders question the resilience of payment processes
The long-term nature of this case shows how repeated fraudulent requests can blend into everyday activity, increasing the risk of approval without additional checks.
How to reduce risk
Reducing exposure to BEC requires layered controls that combine process discipline with real-time verification technology.
- use out-of-band verification for all payment instruction changes
- validate vendor banking details through an independent source before releasing funds
- train accounts payable teams to recognise BEC red flags, such as unusual urgency or tone
- implement real-time transaction monitoring to detect anomalies as they occur
Where Eftsure fits
Eftsure provides real-time vendor bank detail verification, continuous monitoring of outgoing payments, and secure confirmation workflows. This independent control layer helps prevent fraudulent transfers — even if email systems or internal processes are compromised.
Safeguard your organisation’s payments from BEC-related fraud. Request a demo today.
