The International Cricket Council (ICC) has lost around $2.5 million after becoming a victim of cybercrime, according to a report.
The incident of phishing, which originated in the US, took place in 2022, ESPNCricinfo reported on Friday (January 20).
“The route used by fraudsters to commit the financial scam was Business E-mail Compromise (BEC), also known as e-mail account compromise, which the Federal Bureau of Investigation (FBI) describes as ‘one of the most financially damaging online crimes’,” the report stated.
An investigation is underway as the ICC, which is not commenting on the matter, reported the incident to law enforcement agency in the US.
How the scam took place is not yet known.
“It is not yet known what route exactly the fraudsters took to get the money transferred from the ICC account – whether they had got in touch directly with someone at the head office in Dubai, or had targeted an ICC vendor or consultant.
“It is also not confirmed whether the transaction was done in one single payment or there were multiple wire transfers,” the report added.
Phishing is an attempt by cybercriminals posing as legitimate institutions, usually via email, to obtain sensitive information from targeted individuals. It is one of the most common scams happening around the world.
A BEC scam is a form of phishing where companies and individuals are tricked and convinced into making wire transfers.
The BEC scam, according to a Federal Bureau of Investigation (FBI) report, is evolving fast as the criminals become more “sophisticated”, the report said.
“The scam has progressed from spoofed e-mails purportedly from chief executive officers requesting wire payments to fraudulent locations, to impersonation of vendor e-mails; spoofed lawyer e-mail accounts; diversion of payroll funds; the targeting of the real estate sector; and fraudulent requests for large amounts of gift cards,” it added.