As noted in an article from the Journal of Accountancy, there were two kinds of business email compromises — emails from fake executives and ones from fake vendors.

In schemes involving emails from fake executives – also called “executive impersonation” – fraudsters not affiliated with a company use spoofed email addresses to send communications that appeared to come from a company executive, typically the CEO. Sometimes, the spoofed emails used real law firm and attorney names. The executive impersonation emails often had these common elements:

1. Referred to time-sensitive “deals” that needed to be completed within days, emphasizing the need for secrecy from other company employees and sometimes suggested some form of government oversight.
2. Claimed that the requested funds were needed for foreign transactions – and all directed the wire transfers to foreign banks. The emails provided minimal details about the transaction – and while all of the companies had some foreign operations, these types of foreign transactions would have been out of the ordinary.
3. Typically went to mid-level personnel who rarely communicated with the executives being spoofed – and who typically were not involved in the supposed transactions.

Review the press release and report on the SEC's website.