Business Email Compromise Prosecutions
⚖️ Legal Framework
Business Email Compromise (BEC) is a sophisticated cybercrime where attackers compromise business email accounts—often via phishing or social engineering—to defraud companies, vendors, or employees into wiring money or revealing sensitive information.
Key federal laws used in BEC prosecutions include:
18 U.S.C. § 1343 (Wire Fraud): Most common charge, as the fraudulent transfer of money occurs via wire communications.
18 U.S.C. § 1028 (Identity Theft and Fraudulent Use of Identification Documents)
18 U.S.C. § 1030 (Computer Fraud and Abuse Act - CFAA)
18 U.S.C. § 1956 (Money Laundering): Often charged when proceeds are laundered.
18 U.S.C. § 371 (Conspiracy to Commit Offense)
Key Cases with Detailed Explanation
1. United States v. Evans (S.D.N.Y., 2018)
Facts:
Evans and co-conspirators conducted a BEC scheme targeting companies by compromising email accounts of executives and finance personnel.
They sent fraudulent wire transfer instructions directing companies to send funds to their accounts abroad.
The losses exceeded $2 million.
Legal Issue:
Wire fraud under 18 U.S.C. § 1343.
Conspiracy to commit wire fraud.
Decision:
Evans pled guilty to wire fraud conspiracy.
Sentenced to 48 months in prison.
Significance:
Demonstrated the classic BEC modus operandi.
Highlighted the importance of prosecuting conspirators who initiate and orchestrate fraudulent email schemes.
2. United States v. Yakubets (E.D.N.Y., 2020)
Facts:
Yakubets was alleged to have been a key operator in a criminal hacking group that perpetrated multiple BEC and wire fraud schemes.
The group compromised hundreds of email accounts and caused millions in losses.
Legal Issue:
Wire fraud, conspiracy, unauthorized access to computers (CFAA).
Decision:
Yakubets pled guilty; sentenced to over 5 years in federal prison.
Ordered to forfeit millions of dollars in criminal proceeds.
Significance:
One of the largest coordinated prosecutions against international BEC hackers.
Showed law enforcement's success in disrupting organized cybercrime groups behind BEC.
3. United States v. Pompili (E.D.N.Y., 2017)
Facts:
Pompili was part of a group that sent fraudulent emails impersonating a company CEO, requesting wire transfers for fake invoices.
Targeted small and mid-size companies.
Legal Issue:
Wire fraud.
Use of stolen identities and forged documents.
Decision:
Convicted at trial.
Sentenced to 60 months imprisonment.
Significance:
Illustrated prosecution of BEC involving impersonation and forged documentation.
Emphasized that even smaller targets face federal prosecution.
4. United States v. Haruna (N.D. Ill., 2019)
Facts:
Haruna hacked into email accounts of executives and employees to monitor and intercept legitimate financial communications.
Used this knowledge to send fraudulent instructions for wire transfers.
Legal Issue:
Wire fraud and unauthorized access under the CFAA.
Decision:
Haruna pled guilty.
Sentenced to 70 months imprisonment.
Significance:
Highlighted combined use of hacking and social engineering in BEC.
Confirmed courts treat cyber intrusions used to facilitate fraud very seriously.
5. United States v. Prakash (N.D. Cal., 2021)
Facts:
Prakash orchestrated a scheme involving phishing emails sent to CFOs, obtaining login credentials, and instructing banks to send funds to offshore accounts.
His group laundered millions of dollars through cryptocurrency mixers.
Legal Issue:
Wire fraud, money laundering, conspiracy.
Decision:
Convicted after trial.
Sentenced to 10 years imprisonment.
Significance:
Showed integration of BEC with complex money laundering tactics.
Revealed how prosecutors are increasingly using money laundering statutes alongside wire fraud in BEC cases.
Key Legal Elements in BEC Prosecutions
| Element | Explanation |
|---|---|
| Fraudulent Scheme | Using false pretenses to trick victims into wiring funds. |
| Use of Wire Communications | Emails or electronic communications to execute the fraud. |
| Intent to Defraud | Knowing deception aimed at causing financial loss. |
| Unauthorized Access | Often involves hacking or phishing to gain access to email accounts. |
| Conspiracy | Agreement among two or more individuals to commit fraud. |
| Money Laundering | Moving or concealing criminal proceeds after fraud is committed. |
Conclusion
BEC prosecutions have grown as these scams have become a top cybersecurity threat causing billions in losses worldwide. Federal prosecutors rely primarily on wire fraud statutes, often paired with CFAA violations and money laundering charges. Cases like Evans and Yakubets demonstrate law enforcement’s success in dismantling sophisticated BEC operations, both domestic and international.
The courts treat these crimes harshly, with sentences often exceeding several years, reflecting the serious financial and operational harm caused to victims.
RELATED Blog
0 comments