The ICC has become a victim of a cybercrime involving a huge amount of around US$ 2.5 million through wire transfers. While the exact amount involved has not been confirmed, ESPNcricinfo has learned that the alleged scam started in the USA and takes place in 2022.
The route used by the fraudsters to commit financial scams was Business E-mail Compromise (BEC), also known as E-mail Account Compromise, which the Federal Bureau of Investigation (FBI) has described as “one of the most economically damaging online crimes”. describes as “one of the ,
The ICC is silent about the incident as it has reported the suspected fraud to law-enforcement agencies in the United States and an investigation is underway. It is learned that the ICC board was updated about the incident last year.
It is not yet known which route the fraudsters actually took to transfer funds from the ICC account – whether they were in direct contact with someone at the headquarters in Dubai, or targeted an ICC salesperson or consultant. It is also not confirmed whether the transaction was made in a single payment or multiple wire transfers.
What is BEC scam?
BEC scams are a form of phishing where companies and individuals are tricked and persuaded to make wire transfers. The FBI said in a Congressional report (submitted to the US government) last November that its Internet Crime Control Center had received more than $2.4 billion in BEC-related claims in 2021.
In the report, the FBI said that BEC scams typically involve: “the spoofing of a valid, known e-mail address or the use of a nearly identical address to appear as someone who is believed by the victim or the victim.” BEC scams begin when a victim receives false wire instructions from a criminal attempting to redirect legitimate payments to a bank account controlled by the fraudsters.”
The FBI report states that the BEC scam is rapidly evolving as criminals become more “sophisticated”. “The scam allegedly escalated from fraudulent e-mails requesting chief executive officers to wire payments to fraudulent locations; impersonation of vendor e-mails; attorney’s e-mail accounts; diversion of payroll funds ; targeting of the real estate sector; and fraudulent requests for large amounts of gift cards.”
Additional reporting by Usman Samiuddin