Skip to main content
FREE CALCULATOR — FBI IC3 2024 DATA

BEC / Wire Fraud Loss Calculator

3 inputs. 30 seconds. See your annual exposure, recovery likelihood, and the 3 controls that cut your risk the most — anchored on FBI IC3 2024 data and real named breach cases.

Powered by FBI IC3 2024 Internet Crime Report · FBI Financial Fraud Kill Chain (FFKC) · KnowBe4 2024 Phishing Benchmarking · IBM Cost of a Data Breach 2024

$2.9B Total BEC losses in 2024 (FBI IC3)
$137K Average loss per BEC incident (FBI IC3 2024)
71% Recovery rate if reported to IC3 < 72 hours (FBI FFKC)
86% Click rate reduction with live training (KnowBe4 2024)
Ubiquiti Networks
$46.7M
VEC — employee wired funds to attacker-controlled accounts after email compromise
Toyota Boshoku
$37M
Supplier impersonation — attacker posed as legitimate supplier, redirected payment
Scoular Company
$17.2M
CFO impersonation — fake acquisition wire, attorney email spoofed
Real Estate Sector
$446M
FBI IC3 2024 — closing wire fraud alone, highest per-incident loss category

Calculate Your BEC Exposure

Results update instantly — no page reload, no signup required to see your number.

Your typical wire: payroll runs, vendor payments, client settlements, real estate closings, draw requests. Use your most common transfer size.
$100,000
Drag to set
$10K$250K$500K$1M$5M
Drives frequency multiplier — real estate and legal face highest per-incident losses
Current controls status — the #1 determinant of recovery likelihood

Your Annual BEC Exposure

Estimated Annual BEC / Wire Fraud Exposure
With your current controls · ·
Without any controls
With training added
Annual savings from training
Avg. cost per incident (sector-adjusted)
Recovery Likelihood (FBI FFKC)
Top Risk For Your Sector

Top 3 Controls — Ranked by Impact

Sources: FBI IC3 2024 Internet Crime Report · FBI Financial Fraud Kill Chain (FFKC) · KnowBe4 2024 Phishing Benchmarking Report · IBM Cost of a Data Breach 2024

Get Your Full Personalized Report

See your full results — personalized to your sector, wire size, and control status. Includes your recovery timeline and a 30-day BEC hardening checklist.

Run the calculator first, then enter your email to see your full results.

No spam. Unsubscribe anytime. We'll also send 3 BEC hardening tips over the next 2 weeks.

Results sent — check your inbox. Ready to cut this exposure in half?

Book a 30-Min BEC Defense Session → Download the BEC Defense Playbook (Free)

Frequently Asked Questions

BEC is a sophisticated fraud where attackers compromise or impersonate email accounts to deceive employees into wiring funds or sending sensitive data. The FBI IC3 2024 report identifies BEC as the costliest cybercrime category: $2.9 billion in losses across 21,489 complaints, averaging $137K per incident. Common variants include CEO fraud, vendor/supplier impersonation, attorney impersonation (particularly in M&A), payroll diversion, and W-2 data theft.
BEC frequency and per-incident cost vary sharply by sector. Real estate faces the highest per-incident losses because closing wires involve single large transfers that are difficult to reverse. Law firms are targeted for settlement and trust account wires. Construction GCs face draw-payment fraud. Healthcare faces payroll diversion and vendor payment redirection. The FBI IC3 reports real estate BEC losses of $446M in 2024 alone — roughly one-sixth of all BEC losses despite being a fraction of reporting organizations.
The FBI FFKC is a rapid-response process for recovering wire fraud losses. When an organization reports a BEC incident to the IC3 (ic3.gov) and to their sending bank within 72 hours, the FBI can freeze and recall approximately 71% of transferred funds. After 72 hours, funds typically move through overseas accounts and recovery drops to under 20%. Organizations with email MFA detect compromises faster, making this window more achievable.
BEC success depends on employees not recognizing the social engineering tactics: urgency language, authority impersonation, and subtle domain look-alikes. KnowBe4's 2024 benchmarking data shows live, scenario-based training reduces phishing click rates from 34.3% (baseline) to 4.6% after a 90-day program — an 86.6% reduction. More directly: trained employees perform out-of-band callback verification rather than acting on email alone, which breaks every BEC variant that relies on email as the sole authorization channel.
This is a risk estimation tool based on FBI IC3 reported complaint data and industry frequency multipliers derived from Verizon DBIR 2024 sector patterns. Actual exposure varies based on your specific vendor relationships, transaction volume, and internal controls maturity. The calculator uses conservative assumptions throughout — actual risk at organizations with unaddressed gaps is often higher. Use this as a conversation starter for your leadership team, not a precise actuarial figure.
SecurEveryone delivers live, scenario-based BEC awareness sessions tailored to your sector's specific threat patterns (real estate closing fraud, law firm settlement wires, construction draw requests, etc.). Sessions include: attack kill chain walkthrough, out-of-band verification protocol drill, DMARC/email authentication check, and tabletop simulation of a BEC incident from detection through FFKC recovery. Sessions run 30–90 minutes. See Pricing or Book a Session.

Related Tools & Resources

Used this calculator? These go deeper on BEC prevention.

BEC Defense Playbook

11-page PDF: 5 attack patterns, full kill chain, DMARC enforcement guide, OOB verification protocol, and 3 tabletop scenarios.

Download Free →

Wire Fraud Defense Playbook

13-page PDF: BEC kill chain, 5 variants targeting professional services, FBI IC3 recovery process, and Verify-Out-Of-Band protocol.

Download Free →

Domain Security Scanner

Check your DMARC, SPF, DKIM, and DNSSEC configuration. A missing DMARC p=reject enables spoofing of your exact domain.

Scan My Domain →

Tabletop Exercise Facilitator Pack

Run a 30-min BEC tabletop with your finance and leadership team. Includes the CEO BEC $340K scenario and facilitator script.

Download Free →