Please be advised that a phishing email is circulating that attempts to steal money from your business via wire transfer. This particular scam uses a spoofed email that appears to be from a trusted source.

To avoid falling victim to this sophisticated scam, we strongly recommend that any requests for wire transfers that you receive via e-mail be verified directly with the source of the email before you proceed. We have been working closely with several customers over the last few days who have been targeted, and confirmed that the emails are fraudulent and nothing more than an attempt to steal money. In each instance that we reviewed, the message looked legitimate and appeared to be from someone within the respective business.

Like most phishing scams, these emails appear to come from a trusted source. With this particular scam, they will more than likely appear to be from an individual who is in a position of authority within your company, or from a company that you regularly do business with. Because of online networking sites like LinkedIn, it has become much easier for criminals to identify who is who within an organization and gather enough information to lend credibility to these requests for wire transfers. The objective of this type of scam is generally financial gain or access to confidential information.

Earlier this year, the FBI issued an alert for this particular style of phishing email, which they call a Business Email Compromise (BEC) scam. They noted that it specifically targets businesses that regularly perform wire transfers and/or work with foreign suppliers. This is a global scam that has hit businesses in 45 countries. Through the end of 2014, the damages from the BEC Scam are estimated as:
- Total U.S. victims: 1198
- Total U.S. dollar loss: $179,755,367.08
- Total non-U.S. victims: 928
- Total non-U.S. dollar loss: $35,217,136.22
- Combined victims: 2126
- Combined dollar loss: $214,972,503.30

Common characteristics of this scam:
- Businesses and personnel using open source e-mail are most targeted.
- Individuals responsible for handling wire transfers within a specific business are targeted.
- Spoofed e-mails very closely mimic a legitimate e-mail request.
- Hacked e-mails often occur with a personal e-mail account.
- Fraudulent e-mail requests for a wire transfer are well-worded, specific to the business being victimized, and do not raise suspicions about the legitimacy of the request.
- The phrases “code to admin expenses” or “urgent wire transfer” were reported by victims in some of the fraudulent e-mail requests.
- The amount of the fraudulent wire transfer request is business specific; therefore, dollar amounts requested are similar to normal business transaction amounts so as to not raise doubt.
- Fraudulent e-mails received have coincided with business travel dates for executives whose e-mails were spoofed.
- Victims report that IP addresses frequently trace back to free domain registrars.
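
A mail administrator could screen inbound messages for some of the characteristics above and route any hit to the verification step recommended earlier. The following is an added example, not part of the original advisory or the FBI alert: the company domain, executive names, sample messages and the Reply-To check are constructed assumptions, while the two phrases are the ones quoted in the list.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumptions for illustration (not from the advisory): the company's own
# domain and the names of people with authority to request wire transfers.
COMPANY_DOMAIN = "example.com"
EXECUTIVES = {"pat morgan", "lee chen"}
# Phrases victims reported, as quoted in the advisory.
PHRASES = ("code to admin expenses", "urgent wire transfer")

def domain_of(header_value):
    """Return the lower-cased domain of an address header, or ''."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def bec_indicators(raw_message):
    """Return the reasons a message needs verification with its source."""
    msg = message_from_string(raw_message)
    name = parseaddr(msg.get("From", ""))[0].lower()
    from_dom = domain_of(msg.get("From"))
    reply_dom = domain_of(msg.get("Reply-To"))
    body = "" if msg.is_multipart() else msg.get_payload()
    text = (msg.get("Subject", "") + " " + body).lower()
    reasons = []
    # A trusted internal name attached to an address outside the company.
    if name in EXECUTIVES and from_dom != COMPANY_DOMAIN:
        reasons.append("executive display name on external address")
    # Assumed extra check: replies diverted to a different domain.
    if reply_dom and reply_dom != from_dom:
        reasons.append("Reply-To domain differs from From domain")
    reasons += [f"phrase: {p}" for p in PHRASES if p in text]
    return reasons

# Constructed sample messages (reserved .test / example.com domains).
SPOOFED = """From: Pat Morgan <pat.morgan@examp1e-mail.test>
Reply-To: pat.office@webmail.test
Subject: Urgent wire transfer

Please process today and code to admin expenses. I am travelling.
"""
LEGIT = """From: Lee Chen <lee.chen@example.com>
Subject: Q3 budget review

Agenda attached for Thursday.
"""
```

An empty result does not clear a message: the list notes that fraudulent requests are well-worded and business-specific, so every wire request received by e-mail still needs verification with its source.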