Business Email Compromise (BEC) is one of the most financially damaging types of cybercrime. Scammers infiltrate or impersonate company email accounts to redirect payments, issue fake invoices, or instruct staff to wire funds to criminal-controlled bank accounts or crypto wallets. These attacks are precise, professional, and often devastating to both individuals and organizations.
At Cand Capital Limited, we help victims of BEC attacks trace stolen funds and pursue recovery. Using forensic investigation, institutional collaboration, and legal escalation, we move fast to freeze, recall, or reclaim misdirected payments.
BEC is a type of cyber fraud where scammers impersonate or gain access to a legitimate business email account—usually of a CEO, finance director, or vendor—to trick employees into authorizing fraudulent wire transfers.
Here’s how it usually works:
Email Spoofing or Hacking: The scammer either hacks into a business account or spoofs the email domain (e.g., changing john@yourcompany.com to john@yourcornpany.com).
Payment Diversion Requests: The fraudster instructs the finance team or vendor manager to urgently change the payment instructions for an invoice or payroll.
Vendor Impersonation: Scammers pose as regular vendors asking for invoice payments to be sent to “new” accounts.
Internal Role Impersonation: They may impersonate the CEO or CFO, demanding urgent fund transfers for confidential projects or emergencies.
Funds Sent to Criminal Accounts: Once the payment is made, funds are redirected through a network of banks, crypto exchanges, or payment processors—often offshore.
These attacks exploit trust and familiarity. Victims often realize too late that the request was fake—and the funds are already gone.
At Cand Capital Limited, we deploy a rapid response protocol to trace, halt, and recover compromised payments:
Immediate Case Review
We gather details of the fraudulent email, compromised transaction, and timeline to assess how and where the fraud occurred.
Email and Domain Forensics
Our experts examine email headers, domain registration, and message metadata to trace the origin and determine if it was spoofed or hacked.
Transaction Tracing
We follow the stolen funds through banking networks or blockchain if crypto was used, identifying final destinations and intermediaries.
Evidence Compilation
All emails, transaction logs, payment instructions, and correspondence are documented to support recovery claims.
Institutional Engagement
We contact the recipient bank, intermediary banks, and payment processors to file official recall and fraud claims.
Legal and Regulatory Action
If needed, our legal partners initiate emergency court orders, issue demand letters, or escalate with financial regulators.
BEC recovery requires speed, precision, and institutional leverage. Here’s how we support you:
✔ Technical Email and Network Investigation
We uncover:
Whether an account was hacked or spoofed
Email traffic anomalies and origin metadata
IP logs and SMTP relay paths
Associated phishing vectors
✔ Financial Path Reconstruction
We trace the fund’s journey through:
SWIFT/SEPA/ACH transactions
Cryptocurrency wallets and exchanges
Payment gateways (Stripe, Payoneer, etc.)
Third-party accounts and shell companies
✔ Banking and Exchange Collaboration
We work with:
Receiving and intermediary banks
Cryptocurrency exchanges
Payment service providers
Fraud and AML departments
Our goal is to trigger account freezes, submit fraud declarations, and initiate chargeback or recall procedures.
✔ Legal Coordination
We assist in:
Drafting and issuing formal recovery demands
Coordinating with corporate legal teams
Filing law enforcement reports and recovery affidavits
Pursuing restitution where feasible
Fast-Track Protocols: We act quickly to preserve evidence and freeze transfers before it’s too late.
Business-Grade Investigation: Our specialists understand B2B payments, internal protocols, and finance operations.
Global Financial Network: We collaborate with banks and platforms in over 40 jurisdictions.
Proven Success: We've recovered lost corporate payments for SMEs, NGOs, and multinational clients.
Secure & Confidential: We handle your business details with the utmost privacy and discretion.
A vendor suddenly changes payment instructions without prior notice
An executive sends an urgent fund transfer request from an unusual or slightly altered email address
You’re asked to “keep this confidential” or bypass standard verification procedures
The email tone or signature seems slightly different
There’s urgency or pressure to act before confirming details
If any of these happened during a fund transfer, your business may have been compromised.
BEC attacks are time-sensitive. The longer you wait, the harder recovery becomes. If you've authorized a payment to a scam account—even if it seemed legitimate—Cand Capital Limited can act fast to trace and recover your funds.
