PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.

PCMag UK

FBI to Remote Workers: Be Careful of This Easy-to-Miss, Costly Scam

In the cryptocurrency era, remote work has allowed these business-focused scams to flourish.

Michael Kan
 & Michael Kan Principal Reporter

Our team tests, rates, and reviews more than 1,500 products each year to help you make better buying decisions and get more from technology.

Our Expert
LOOK INSIDE PC LABS HOW WE TEST
65 EXPERTS
43 YEARS
41,500+ REVIEWS

Ransomware and data breaches may get all the attention, but the FBI is warning that scammers have been busy exploiting another kind of fraud: business email compromise (BEC) attacks.

The FBI today issued an alert about BEC attacks, which estimates exposed losses of $43 billion from companies across the globe since 2016, meaning actual and attempted losses. 

These schemes often involve a scammer either trying to take over the official email account of a CEO or high-ranking executive or impersonating them (or a trusted supplier) through a spoofed email account. The culprit will then message the company’s accounting staff and request a large transfer of funds—thousands or sometimes millions of dollars. An unsuspecting employee might fall for the trick and mistakenly send the money to the scammer’s bank account.

Although BEC attacks are nothing new, the FBI is warning the scams continue to “grow and evolve,” and can involve targeting major corporations, small businesses, and personal transactions. Lately, BEC scammers are quickly laundering the stolen funds by converting them into cryptocurrency. 

“Between July 2019 and December 2021, there was a 65% increase in identified global exposed losses, meaning the dollar loss that includes both actual and attempted loss in United States dollars,” the agency added. “This increase can be partly attributed to the restrictions placed on normal business practices during the COVID-19 pandemic, which caused more workplaces and individuals to conduct routine business virtually.”

Recommended by Our Editors

Google Will Soon Spot Fake Calls on Supported Android Phones
Google Will Soon Spot Fake Calls on Supported Android Phones
Report Cites Misinformation As Key Threat to Election Security, Doesn't Name the Biggest Offenders
Report Cites Misinformation As Key Threat to Election Security, Doesn't Name the Biggest Offenders
Meta's AI Chatbot Allegedly Helped Hackers Hijack Instagram Accounts
Meta's AI Chatbot Allegedly Helped Hackers Hijack Instagram Accounts
FBI estimates

The FBI also decided to quantify the impact of BEC scams since 2016 by looking at law enforcement reports and filings from financial institutions. In total, the agency counted 241,206 incidents connected to BEC attacks globally, which tried to steal an estimated $43.3 billion. 

To stay safe, the FBI is urging users to implement two-factor authentication on their email accounts, which forces anyone logging in to supply both the correct password and a one-time passcode usually generated on their smartphone. 

Users should also be on guard against phishing emails that can contain malware capable of taking over your computer. These emails will often pretend to come from legitimate organizations. “Ensure the URL in emails is associated with the business/individual it claims to be from,” the FBI added. “Be alert to hyperlinks that may contain misspellings of the actual domain name.”

If you receive a large money transfer request from a CEO or family member, you should also consider calling them or meeting in-person to confirm the request is real.

About Our Expert

Michael Kan

Michael Kan

Principal Reporter

My Experience

I've been a journalist for over 15 years. I got my start as a schools and cities reporter in Kansas City and joined PCMag in 2017, where I cover satellite internet services, cybersecurity, PC hardware, and more. I'm currently based in San Francisco, but previously spent over five years in China, covering the country's technology sector.

Since 2020, I've covered the launch and explosive growth of SpaceX's Starlink satellite internet service, writing 600+ stories on availability and feature launches, but also the regulatory battles over the expansion of satellite constellations, fights with rival providers like AST SpaceMobile and Amazon, and the effort to expand into satellite-based mobile service. I've combed through FCC filings for the latest news and driven to remote corners of California to test Starlink's cellular service.

I also cover cyber threats, from ransomware gangs to the emergence of AI-based malware. In 2024 and 2025, the FTC forced Avast to pay consumers $16.5 million for secretly harvesting and selling their personal information to third-party clients, as revealed in my joint investigation with Motherboard.

I also cover the PC graphics card market. Pandemic-era shortages led me to camp out in front of a Best Buy to get an RTX 3000. I'm now following how the AI-driven memory shortage is impacting the entire consumer electronics market. I'm always eager to learn more, so please jump in the comments with feedback and send me tips.

The Best Tech I've Had:

  • My first video game console: a Nintendo Famicom
  • I loved my Sega Saturn despite PlayStation's popularity.
  • The iPod Video I received as a gift in college
  • Xbox 360 FTW
  • The Galaxy Nexus was the first smartphone I was proud to own.
  • The PC desktop I built in 2013, which still works to this day.

Read the latest from Michael Kan

Read full bio