FBI wire fraud warning to businesses

Forums › Off topic › FBI wire fraud warning to businesses

Rikkitic

Awrrr
18662 posts

Uber Geek

Lifetime subscriber

#214316 6-May-2017 09:58

"The number of business-email compromise cases, in which cyber criminals request wire transfers in emails that look like they are from senior corporate executives or business suppliers who regularly request payments, almost doubled from May to December of last year, rising to 40,203 from 22,143, the FBI said."

http://www.reuters.com/article/us-cyber-fraud-email-idUSKBN1811QH

Plesse igmore amd axxept applogies in adbance fir anu typos

Geektastic

17943 posts

Uber Geek

Trusted

Lifetime subscriber

#1776797 6-May-2017 10:37

This is increasingly common in the UK, where criminals are hacking solicitor's email and sending fake mail that changes the bank account details that clients are asked to pay house deposits etc into.

Of course, one phone call to the solicitor to verify would uncover it but it seems quite a lot of people have been happy to pay hundred of thousands into wrong accounts on the strength of one email...doh!

freitasm

BDFL - Memuneh
79289 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#1776800 6-May-2017 10:39

Common in New Zealand as well and for many years now. Businesses should be always aware of scams.

Geektastic

17943 posts

Uber Geek

Trusted

Lifetime subscriber

#1776806 6-May-2017 10:49

I worked for a company that bid for overseas work quite often when I was in the UK.

They once sent two engineers to South America to work up a bid over several months. Whilst there, the engineers requested GBP2 million from the company Treasury Department. For some inexplicable reason, they were wired the funds (about $4.5 million in current NZ).

Funnily enough, neither engineer ever returned to the UK .....!

That really was pretty stupid.

networkn

Networkn
32351 posts

Uber Geek

ID Verified

Trusted

Lifetime subscriber

#1776986 6-May-2017 21:27

We have had CFO customers (well trained, thanks) contact us after getting an email from their CEO requesting transfer of funds to other countries (UK/USA for example) that those companies deal with. They had obviously done a fair bit of research, they simulated the format of the customers email signature etc, knew the stakeholders. Pretty scary how real it looked. Thankfully they checked.

ANglEAUT

2325 posts

Uber Geek

Trusted

Lifetime subscriber

#1777014 6-May-2017 23:43

networkn: ... Pretty scary how real it looked. ...

Very scary indeed.

* I've seen signature details that are correct

* I've seen faked conversation history to make the request to transfer funds look more legit

* I've seen scammers initiate a conversation and only request a funds transfer on the 2nd/3rd email reply.

Please keep this GZ community vibrant by contributing in a constructive & respectful manner.

BTR

1527 posts

Uber Geek

#1777574 8-May-2017 10:47

Have had a couple of these this year supposedly from our CEO but thankfully correct procedures were followed and it was noticed very quickly.

networkn

Networkn
32351 posts

Uber Geek

ID Verified

Trusted

Lifetime subscriber

#1777585 8-May-2017 11:00

Whilst it's an extra lot of work for a lot of companies who make a lot of overseas transactions, a lot of customers have now switched to weekly payment meetings where payments are approved by the stake holders. Second line of protection is that all transactions over a set amount requested by someone, must be followed up by a phone call.

Some companies I know have a weekly "code" that goes into payment request emails as an authorization.

Quic Broadband

Move to New Zealand's best fibre broadband service (affiliate link). Free setup code: R587125ERQ6VE. Note that to use Quic Broadband you must be comfortable with configuring your own router.

dt

1152 posts

Uber Geek
Inactive user

#1777588 8-May-2017 11:11

It's very important to have users educated to look for the simple tell tail signs of these phishing attempts.

Still surprises me when I see companies haven't done simple things like setup an SPF record to help their users identify these types of threats.

We often have our "CEO" emailing our CFO asking for funds to be transferred immediately!

freitasm

BDFL - Memuneh
79289 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#1777602 8-May-2017 11:30

Another scam that's easy to overlook. Received an email today from "Wellington Victoria University" wanting to buy some hardware (obviously scammers didn't pay attention to what Intergen does).

Anyway, first thing was "victoriauniversity.org" instead of "vuw.ac.nz". I contacted a friend at Spark to report the scam - I suspected the phone number would be legit but the scammer would expect all the transaction to go via email (and if at any point a call was necessary s/he could give another number).

The phone number is registered to the US Embassy... So obviously the scammer just wanted a valid number there.

frankv

5680 posts

Uber Geek

Lifetime subscriber

#1777675 8-May-2017 12:41

freitasm:

Received an email today from "Wellington Victoria University" wanting to buy some hardware

These scams pan out in one of two ways:

1. You get paid for their order by a stolen credit card. This is fairly common with hotels.

2. The scammer uses your company name, bank account, etc to get people to send money to you. They feel safe because its an NZ bank account.

In either case, the "order" is cancelled and you are asked to refund the money (less a good fee "for your trouble") via Western Union. Eventually the victims recover their money from you, and you've lost whatever you sent overseas untraceably.