On May 4, 2017, the Federal Bureau of Investigation released a public service announcement mentioning that business email compromise and online bank account takeover has grown to a $5.3 billion dollar scam between October 2013 and December 20216. This scam is carried out by a criminals using sophisticated techniques such as; email spoofing, social engineering, stealing email account credentials, or taking control of online bank accounts.
This scam impacts businesses of all sizes and includes some of the following scenarios:
- A business working with a longstanding foreign supplier in which the business receive a request to wire funds into an alternative account.
- A high-level business executive receiving a wire request from an individual impersonating another high-level business executive within the company.
- A business email account is hacked and the criminal attempts to request wire transfers via email.
- A criminal impersonates an attorney claiming to handle a confidential and time sensitive transaction for the business.
- A criminal impersonates a buyer, seller, agent, or lawyer of a real estate transaction in which the funds are wired into an alternative account.
Based on reported incidents, Asian banks located in China and Hong Kong remain the primary destinations of fraudulent funds; however, financial institutions in the United Kingdom have also been identified as prominent destinations.
Here are some tips to better protect your business.