A Singapore-based Unnamed commodity firm became a victim of a Business Email Compromise scam in mid-July this year when the firm received an email from a supplier requesting that a pending payment be sent to a new bank account based in Timor-Leste.

The company is said to have transferred $42.3 million to the non-existent supplier on July 19, It is known by the firm when the actual supplier says it has not been compensated.

The International Criminal Police Organization (INTERPOL) helped in this matter with INTERPOL’s Global Rapid Intervention of Payments (I-GRIP) mechanism, authorities in Singapore managed to detect $39 million and freeze the counterfeit bank account a day later.

What is INTERPOL’s I-GRP?

I-GRP is a stop-payment mechanism that helps countries work together to block criminal proceeds.

In the current situation, authorities blocked 82,112 suspicious bank accounts, seizing a combined US$199 million in hard currency and US$101 million in virtual assets.

Interpol aims to promote the widest possible mutual assistance between criminal police forces and to establish and develop institutions likely to contribute to the prevention and suppression of international crime.

What is a Business Email Compromise (BEC) Scam?

Criminals hack into email systems to gain information about corporate payment systems, then deceive company employees into transferring money into their bank accounts.

In this case, hackers got information about the firm’s business partners and had knowledge about due payment and send message with a mail ID very Similar to the authentic supplier.

Cryptonators Exchange and Wallet role

According to Interpol the cryptocurrency exchange and crypto wallet called “Cryptonator” allegedly helps criminals in facilitating monetary transactions and this exchange earlier also accused of promoting money laundering and not having anti-money laundering controls in place. Blockchain intelligence firm TRM Labs said the platform facilitated more than 4 million transactions worth a total of $1.4 billion.

Role of Uniswap Protocol:

Uniswap is a decentralized exchange (DEX) protocol built on the Ethereum blockchain that allows users to trade cryptocurrencies directly from their wallets without the need for a centralized intermediary.

“Attackers leverage the Uniswap Multicall contract to orchestrate fund transfers from victims’ wallets to their own,” researchers said. “Attackers have been known to use the Gnosis Safe contracts and framework, coaxing unsuspecting victims into signing off on fraudulent transactions.”

Recommendations

1. Email Authentication Protocols: Using Email Authentication Protocols such as

• DKIM (DomainKeys Identified Mail): Uses cryptographic signatures to verify that an email was sent by an authorized server and that it hasn’t been altered in transit.
• SPF (Sender Policy Framework): Allows domain owners to specify which IP addresses are authorized to send emails on their behalf.
• DMARC (Domain-based Message Authentication, Reporting & Conformance) Builds on SPF and DKIM by providing a way for domain owners to specify how to handle emails that fail authentication checks and to receive reports on email activity.

2. Anti-phishing tools: Deploying anti-phishing tools such as browser extensions, email filters, and security software will help in the timely detection of Phishing attempts.
3. User Awareness and Training: Regular awareness and training programs can help in preventing such incidents and make employees proactive in detecting such incidents.
4. Verification of Suspicious Mails: Manually verifying the authenticity can help in preventing phishing attempts this can be done by checking if there is inconsistency in the mail or any factor for urgency and verifying the sender.
5. Secure Email Gateway: Implementing a secure email gateway which is a security solution that monitors email incoming and outgoing traffic and helps in implementing policies.