FBI wire fraud warning to businesses

Forums › Off topic › FBI wire fraud warning to businesses

Rikkitic

Awrrr
19062 posts

Uber Geek
+1 received by user: 16302

Lifetime subscriber

#214316 6-May-2017 09:58

"The number of business-email compromise cases, in which cyber criminals request wire transfers in emails that look like they are from senior corporate executives or business suppliers who regularly request payments, almost doubled from May to December of last year, rising to 40,203 from 22,143, the FBI said."

http://www.reuters.com/article/us-cyber-fraud-email-idUSKBN1811QH

Plesse igmore amd axxept applogies in adbance fir anu typos

Geektastic

18009 posts

Uber Geek
+1 received by user: 8465

Trusted

Lifetime subscriber

#1776797 6-May-2017 10:37

This is increasingly common in the UK, where criminals are hacking solicitor's email and sending fake mail that changes the bank account details that clients are asked to pay house deposits etc into.

Of course, one phone call to the solicitor to verify would uncover it but it seems quite a lot of people have been happy to pay hundred of thousands into wrong accounts on the strength of one email...doh!

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41024

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#1776800 6-May-2017 10:39

Common in New Zealand as well and for many years now. Businesses should be always aware of scams.

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

Geektastic

18009 posts

Uber Geek
+1 received by user: 8465

Trusted

Lifetime subscriber

#1776806 6-May-2017 10:49

I worked for a company that bid for overseas work quite often when I was in the UK.

They once sent two engineers to South America to work up a bid over several months. Whilst there, the engineers requested GBP2 million from the company Treasury Department. For some inexplicable reason, they were wired the funds (about $4.5 million in current NZ).

Funnily enough, neither engineer ever returned to the UK .....!

That really was pretty stupid.

networkn

Networkn
32862 posts

Uber Geek
+1 received by user: 15453

ID Verified

Trusted

Lifetime subscriber

#1776986 6-May-2017 21:27

We have had CFO customers (well trained, thanks) contact us after getting an email from their CEO requesting transfer of funds to other countries (UK/USA for example) that those companies deal with. They had obviously done a fair bit of research, they simulated the format of the customers email signature etc, knew the stakeholders. Pretty scary how real it looked. Thankfully they checked.

ANglEAUT

altered-ego
2436 posts

Uber Geek
+1 received by user: 841

Trusted

Lifetime subscriber

#1777014 6-May-2017 23:43

networkn: ... Pretty scary how real it looked. ...

Very scary indeed.

* I've seen signature details that are correct

* I've seen faked conversation history to make the request to transfer funds look more legit

* I've seen scammers initiate a conversation and only request a funds transfer on the 2nd/3rd email reply.

Please keep this GZ community vibrant by contributing in a constructive & respectful manner.

BTR

1527 posts

Uber Geek
+1 received by user: 449

#1777574 8-May-2017 10:47

Have had a couple of these this year supposedly from our CEO but thankfully correct procedures were followed and it was noticed very quickly.

Lenovo

Shop now for Lenovo laptops and other devices (affiliate link).

networkn

Networkn
32862 posts

Uber Geek
+1 received by user: 15453

ID Verified

Trusted

Lifetime subscriber

#1777585 8-May-2017 11:00

Whilst it's an extra lot of work for a lot of companies who make a lot of overseas transactions, a lot of customers have now switched to weekly payment meetings where payments are approved by the stake holders. Second line of protection is that all transactions over a set amount requested by someone, must be followed up by a phone call.

Some companies I know have a weekly "code" that goes into payment request emails as an authorization.

dt

1152 posts

Uber Geek
+1 received by user: 371
Inactive user

#1777588 8-May-2017 11:11

It's very important to have users educated to look for the simple tell tail signs of these phishing attempts.

Still surprises me when I see companies haven't done simple things like setup an SPF record to help their users identify these types of threats.

We often have our "CEO" emailing our CFO asking for funds to be transferred immediately!

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41024

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#1777602 8-May-2017 11:30

Another scam that's easy to overlook. Received an email today from "Wellington Victoria University" wanting to buy some hardware (obviously scammers didn't pay attention to what Intergen does).

Anyway, first thing was "victoriauniversity.org" instead of "vuw.ac.nz". I contacted a friend at Spark to report the scam - I suspected the phone number would be legit but the scammer would expect all the transaction to go via email (and if at any point a call was necessary s/he could give another number).

The phone number is registered to the US Embassy... So obviously the scammer just wanted a valid number there.

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

frankv

5705 posts

Uber Geek
+1 received by user: 3666

Lifetime subscriber

#1777675 8-May-2017 12:41

freitasm:

Received an email today from "Wellington Victoria University" wanting to buy some hardware

These scams pan out in one of two ways:

1. You get paid for their order by a stolen credit card. This is fairly common with hotels.

2. The scammer uses your company name, bank account, etc to get people to send money to you. They feel safe because its an NZ bank account.

In either case, the "order" is cancelled and you are asked to refund the money (less a good fee "for your trouble") via Western Union. Eventually the victims recover their money from you, and you've lost whatever you sent overseas untraceably.