Security News > 2023 > March > FBI: Business email compromise tactics used to defraud U.S. vendors
The Federal Bureau of Investigation is warning companies in the U.S. of threat actors using tactics similar to business email compromise that allow less technical actors to steal various goods from vendors.
Typical business email compromise attacks focus on stealing money by tricking the victim into diverting funds to the fraudster's account.
In the type of fraud that the FBI observed the threat actor is employing false acquisition schemes to obtain various products from vendors across the country.
In an alert on Friday, the FBI notes that criminal actors are impersonating the email domains of U.S.-based companies to initiate bulk purchases.
While the technical skills required to spoof an email address are very low, it appears that the actors are skilled fraudsters knowledgeable in business payments and how to hide the cheating.
The FBI recommends vendors check the source of an email before agreeing to a transaction.