Thank you for taking the time to notify ARCO of a possible BEC (Business Email Compromise) scam. As we analyze fraud, it is essential for us to review and track all scams. If you are someone who suspects they’re a victim of a BEC fraud disguised as an ARCO email, it is crucial to act quickly and do not click on any links within the email, send any dollar amount, and do not reply. We ask you to follow the steps below.


ARCO Associates

If you suspect you have been a victim of a BEC scam, please follow company policy and email ARCO Technology at and your manager to alert them. Once completed, someone from our support team will reach out to you to evaluate our next steps.


Contractor, Vendor, or Other Entities

  • Open the last email YOU received from the spoofed email address.
  • Go to file, save as, and save to your download or document folder.
  • Please create a new email, and send it to
  • Then attach that saved file to that email.
  • Click send TO:
  • If you fallen victim and have sent sensitive information, money, etc., we recommend you notify ARCO and complete the process of reporting with the additional four steps below: 
    1. Contact your financial institution immediately and request that they contact the receiving institution where the transfer was sent.
    2. Next, file a complaint with the FBI’s Internet Crime Complaint Center(IC3).
    3. Also, contact your local FBI field office to report the crime.
    4. Ensure everyone in your sphere of influence are aware of Business Email Compromise Scams.


Further information on BEC: 

Business Email Compromise (BEC) is unfortunately common in the modern tech world. It is one of the most damaging online crimes for businesses as we rely on email to conduct personal and professional business within our industry.

An attack can look like an email that seems to be a legitimate request from known personnel in a BEC scam (in this case, an ARCO associate). It could be a situation such as an individual or vendor you commonly work with sending a new invoice with account changes or a CEO reaching out for a request such as asking you to purchase something on behalf of the organization. These are typical examples and can cost a victimized organization thousands of dollars. Therefore, it is crucial to act quickly and advise of this threat as seen.