In these latest cases, the FBI notes that the threat actors "exploits the fact that so many of us rely on email to conduct business -- both personal and professional." They go on to state that "In many BEC scams, criminals send an email message that appears to come from a known source making a legitimate request."
Businesses that deal with the following are being told to be vigilant:
Solar Energy Products
Computer Technology Hardware
According to the FBI, vendors may receive an invoice from a familiar company and name, which shows a granted credit repayment of Net-30 or Net-60 terms. Threat actors have also been known to provide fraudulent W-9 forms.
"Victimized vendors ultimately discover the fraud after attempts to collect payment are unsuccessful," the bulletin states. Of course, once the vendors reach out to the companies they are trying to collect from, they will learn the orders did not come from them.
The FBI stresses that businesses should always verify large purchases by contacting the buyer through their provided means.