The International Cricket Council was the target of cybercrime involving a wire transfer of a sizeable sum of money, roughly US$ 2.5 million.
The alleged scam originated in the US and took place in 2022, albeit the precise amount involved has not been verified, said a report in ESPNCricinfo.
Business e-mail compromise (BEC), also known as e-mail account compromise, is the method that fraudsters used to carry out the financial scam. According to the Federal Bureau of Investigation (FBI), BEC is "one of the most financially destructive online crimes."
Cricket's governing body is keeping quiet about the matter because law enforcement in the US has been notified of the possible fraud, and an investigation is currently being conducted. The ICC Board was informed about the incident last year.
It is not clear how the fraudsters transferred the money from the ICC account, including whether they directly contacted someone at the head office in Dubai or chose to target an ICC vendor or consultant. Furthermore, it is unclear if the transaction was a single payment or a number of wire transactions.
A BEC scam is a type of phishing in which organisations and people are duped into sending wire transfers. In a Congressional Report (filed to the US government) from last November, the FBI reported that in 2021, BEC-related claims to its Internet Crime Control Center totalled more than $2.4 billion.
According to the FBI research, the BEC scam is quickly evolving as perpetrators become increasingly "skilled". The impersonation of vendor e-mails, spoofed lawyer e-mail accounts, theft of payroll funds, targeting of the real estate sector, and fraudulent requests for sizable amounts of gift cards are all examples of how the scam has advanced from spoofed e-mails allegedly from chief executive officers requesting wire payments to fraudulent locations.