Man
Professional
- Messages
- 3,051
- Reaction score
- 577
- Points
- 113
BEC stands for Business Email Compromise
With my previous posts showing a single explanation of BEC many chose to try only that. - I thought I’d elaborate.
With BEC the aim is to gain access to the victim’s emails.
The victim should ideally be a business.
You can do this by social engineering a way for them to accept your entry point. That could be through botnets that steal password, RAT’s that give you control over their device, scam-pages that lure the victim into entering their genuine login credentials which you then receive along with their online fingerprint. Some will simply spam multiple emails and go through them until they find a good target.
Research
Once you have access it’s time to look into their email account searching for many things:
1. Invoices going out
2. Purchase orders coming in
3. Payment requests going out
4. Debt owed to the company
5. Any sort of payment that can be manipulated
Social Engineering
Now you can use their email or spoof their email creating a clone domain and use the previous message as a starting point.
If it’s an invoice you can tell the customer that we are amending the payment instructions to reflect our new bank account.
If it’s a purchase order coming in you could accept it by looking at past emails to see how the company accepts purchase orders. Then send the victim the new payment instructions the same way the company normally would.
If debt is owed to the company you could be making a request for payment and even giving them a payment plane to pay £180,000 in three payments of £60,000 each for example.
Any sort of payment you see owed to the company you need to make it so that it ends up in your pocket.
Sometimes in these scenarios you have access to their computer or their cloud databases. You can remove clients from the actual company and manipulate the client with no interruption. Some remove debts from the company and handle it themselves.
There isn’t just a single way to do BEC.
You can divert payments from businesses in many ways and find many entry points and manipulate many scenarios. Some will hack the CEO email and send payment instructions to their accounts guy to make a payment in their behalf.
The key is to get their money into your drop.
The method of getting bank drops varies depending on which country you are in and the country the bank account is in.
There are a few types of drops people get:
1. Self made open-ups with fullz and ID
2. Dating client drops
3. Telegram drops
4. Self made with client on hand
I’m going to start by discussing some negatives regarding most of these and why one type is better than the rest.
Self made open-ups with fullz and ID
These drops are common and sound good as you get to keep your share to yourself. Nobody to split with as it’s a bought account.
The biggest negative with using these for BEC is the simple fact that when trigger limits are hit, the moment you try to send money out the bank tries to verify that it is indeed actually the real account holder who is trying to send the money.
A lot of these lock with the amounts we deal with in BEC so we don’t use them unless for small amounts.
Dating client drops
That “client” you pretend to live so much in the west is a slob. That’s why they fall for your bullshit when you tell them you love them and ask for money. The moment you drop $100k+ into their account it’s you who’s being played. That slob disappears and now you’re the slob who got played
Dating client bank drops for these large amounts are unreliable and untrustworthy. BEC players don’t like using them.
Telegram Drops
Drops you find on telegram are worse than dating client drops. I would never rely on them. You think you have their picture and address but you don’t have shit as it’s all faked and even if you have their picture the laws and jurisdictions won’t allow them to be dealt with. They have more money than you now, say bye bye to your money. You know your threats don’t mean anything on telegram. You can’t do shit.
You would literally need to see a good track record of continuous work to be able to put hope in someone. Many on telegram show screenshots of bank balances but don’t show they’ve cashed out consistently yet expect to be trusted. Too many pretenders.
Self made with client on hand
These are the favourite drops for BEC. When you’re linked to organisations around the world dealing with VAT, Drugs, Hawala and Money Laundering, you get to know many people in the network. These people have networks already set up where they get real people with their own addresses and they open accounts in their name and keep control of the accounts for you. Some even give you access. They maintain everything they ensure control on the client and the client doesn’t even have access to his own business account but will be fully prepped and go into branch if necessary. These are the kinds of business accounts people want for BEC.
If you can find people like this on telegram you’ve hit the jackpot as long as you know what you’re doing to bring the money in. These people look for longevity.
With my previous posts showing a single explanation of BEC many chose to try only that. - I thought I’d elaborate.
With BEC the aim is to gain access to the victim’s emails.
The victim should ideally be a business.
You can do this by social engineering a way for them to accept your entry point. That could be through botnets that steal password, RAT’s that give you control over their device, scam-pages that lure the victim into entering their genuine login credentials which you then receive along with their online fingerprint. Some will simply spam multiple emails and go through them until they find a good target.
Research
Once you have access it’s time to look into their email account searching for many things:
1. Invoices going out
2. Purchase orders coming in
3. Payment requests going out
4. Debt owed to the company
5. Any sort of payment that can be manipulated
Social Engineering
Now you can use their email or spoof their email creating a clone domain and use the previous message as a starting point.
If it’s an invoice you can tell the customer that we are amending the payment instructions to reflect our new bank account.
If it’s a purchase order coming in you could accept it by looking at past emails to see how the company accepts purchase orders. Then send the victim the new payment instructions the same way the company normally would.
If debt is owed to the company you could be making a request for payment and even giving them a payment plane to pay £180,000 in three payments of £60,000 each for example.
Any sort of payment you see owed to the company you need to make it so that it ends up in your pocket.
Sometimes in these scenarios you have access to their computer or their cloud databases. You can remove clients from the actual company and manipulate the client with no interruption. Some remove debts from the company and handle it themselves.
There isn’t just a single way to do BEC.
You can divert payments from businesses in many ways and find many entry points and manipulate many scenarios. Some will hack the CEO email and send payment instructions to their accounts guy to make a payment in their behalf.
The key is to get their money into your drop.
The method of getting bank drops varies depending on which country you are in and the country the bank account is in.
There are a few types of drops people get:
1. Self made open-ups with fullz and ID
2. Dating client drops
3. Telegram drops
4. Self made with client on hand
I’m going to start by discussing some negatives regarding most of these and why one type is better than the rest.
Self made open-ups with fullz and ID
These drops are common and sound good as you get to keep your share to yourself. Nobody to split with as it’s a bought account.
The biggest negative with using these for BEC is the simple fact that when trigger limits are hit, the moment you try to send money out the bank tries to verify that it is indeed actually the real account holder who is trying to send the money.
A lot of these lock with the amounts we deal with in BEC so we don’t use them unless for small amounts.
Dating client drops
That “client” you pretend to live so much in the west is a slob. That’s why they fall for your bullshit when you tell them you love them and ask for money. The moment you drop $100k+ into their account it’s you who’s being played. That slob disappears and now you’re the slob who got played
Dating client bank drops for these large amounts are unreliable and untrustworthy. BEC players don’t like using them.
Telegram Drops
Drops you find on telegram are worse than dating client drops. I would never rely on them. You think you have their picture and address but you don’t have shit as it’s all faked and even if you have their picture the laws and jurisdictions won’t allow them to be dealt with. They have more money than you now, say bye bye to your money. You know your threats don’t mean anything on telegram. You can’t do shit.
You would literally need to see a good track record of continuous work to be able to put hope in someone. Many on telegram show screenshots of bank balances but don’t show they’ve cashed out consistently yet expect to be trusted. Too many pretenders.
Self made with client on hand
These are the favourite drops for BEC. When you’re linked to organisations around the world dealing with VAT, Drugs, Hawala and Money Laundering, you get to know many people in the network. These people have networks already set up where they get real people with their own addresses and they open accounts in their name and keep control of the accounts for you. Some even give you access. They maintain everything they ensure control on the client and the client doesn’t even have access to his own business account but will be fully prepped and go into branch if necessary. These are the kinds of business accounts people want for BEC.
If you can find people like this on telegram you’ve hit the jackpot as long as you know what you’re doing to bring the money in. These people look for longevity.
