How Cybercriminals Commit Wire Fraud

How Cybercriminals Commit Wire Fraud and How To Stop Them

Imagine this. You’ve found your dream home and are waiting to close on the property. A few weeks later, your escrow officer sends a message that your closing needs to be immediately wired to the title company. That any delays would push back your closing date. The font is right. The signature is right. And there’s even a CC to your real estate agent. So, you log into your digital wallet and wire the money to the company. Then you call up your real estate agent to confirm whether everything is set to move in – and the reality hits. You’ve lost six-figure sums, your dream home and maybe, the bulk of your life savings.

It’s devastating, to say the least. But sadly, US consumers lost approximately $150 million to real estate scams in 2018. According to the FBI, these scams have jumped over 1000% since 2015, and real estate is now the biggest target of malware attacks in the country. Years back, scammers had to depend on phones and make numerous calls to try to scam people. Today, thanks to the internet’s amazing power to locate potential targets, a scammer’s work can be done online with a tale of woe, a few fake pictures and a promise of massive riches.

Understanding Wire Fraud

You’re probably familiar with the Nigerian prince fraud where the criminal emails target claiming to be an exiled prince who can’t access his fortune stacked in the banks. But over the years, the scammers have gotten even smarter.  They now have an impressive arsenal available to commit wire fraud. Like legitimate companies, scammers use different approaches based on their resources, sophistication and core competencies.

Generally, fraud schemes fall into three main categories:

I am Who I say I Am

Hackers run thorough background checks on their target before attacking. For instance, an attacker who initiates a wire transfer request from a bank usually has all the relevant data to pass the call-back test – where the bank calls to confirm the transaction’s legitimacy. With the data at hand, the hacker can divert or intercept the call or even impersonate customers or bank officials, thereby authenticating the payment instruction. Once the employee approves the transaction, the bank wires the money, which is subsequently layered, with the money eventually ending up in the scammer’s account. Tracing this money is impossible because the scammer moves it to and within banking systems that offer legal protection meant to guard the banking activity and account holder’s information.

Please Verify Your Information

When they cannot access the target’s information online, scammers will leverage all kinds of tools and tactics to steal or trick individuals into disclosing critical information. Here are some common approaches:

Business Email Compromise (BEC)

BEC is a sophisticated fraud where a scammer either hijacks an executive account or uses a legitimate-looking-but false account to send an email to someone inside their company in an attempt to leak information or solicit unwanted actions. In most cases, these emails request urgent payment – often money transfer – to a new supplier. The employee, wanting to please their boss, sends the money to fraudsters, albeit unknowingly.

Brute Force Password Attack

This is a cyberattack equivalent to trying every key on your key ring and eventually finding the right one. Scammers use excessive forceful attempts to try and force their way into your business accounts. Once they get it right, they gain access to do whatever they need to commit the fraud. A brute force attack is often effective, and cracking a password may take anywhere between a few seconds to many years, depending on its complexity.

Grooming

Instead of gathering a small amount of data at one go, scammers use social engineering over a long time to gain high levels of trust between themselves and the target. In most cases, they even conduct actual business and take part in normal transactions to build confidence and rapport before executing the main fraud.

Phishing And Email Spoofing

Scammers may send emails from seemingly recognizable sources to try and steal something from the target – usually money, data, login details, etc. The target gets a disguised email from a friend, colleague, boss, etc., that convinces them to click on a link to read a secure message or see an attachment. The link then loads an information page or fake login and collects sensitive credentials or data for the criminals. In most cases, scammers:

• Create a new email address that looks similar to the real one, like johndoe@smarteam.com instead of johndoe@smartteam.com.
• Create a valid email address with a colleague’s name as John Doe <John.doe345@gmail.com>Forge the contact details and email address visible to the recipient like John Doe<John.doe@smartteam.com>

Cybercriminals often rely on trust. They know that employees trust their colleagues, bosses, etc. So they take advantage of this to perform fraud.

I am About to Make you Rich, or You are the Only One that Can Help

The Nigerian Prince is an excellent example of these types of fraud. An employee gets an email from a colleague who’s apparently in trouble. The “colleague” is facing a life-threatening event that’s avoidable if the employee wires the money. Since the email is supposedly from a colleague, one may fall for this fraud and wire money.

Fighting Wire Fraud

Wire fraud mainly involves email and other digital platforms. Here are essential steps you can take to protect your business:

• Train your teams on how to identify suspicious emails and messages.
• Update apps, operating systems, and browsers regularly.
• Use unique and strong passwords, and turn on Password Alert in case a site is impersonating online.
• Back up old emails and advise teams to be suspicious of all communications and avoid installing unknown apps.
• Limit the number of employees who have the power to send or approve wire transfers.
• Protect your email accounts and ask employees not to open attachments or click on links unless they’re confident in the source.
• Call the vendor or customer to verify any payment request changes or any uncommon instructions.
• Use a method outside of email to verify any wire transfer request.
• Verify wire requests that appear to come from company executives through a method other than email.
• Don’t call a number that’s offered in the email communication. Instead, use the contact information you have on file for the person making the request.
• Confirm the instructions have come from a legit source before sending the request to the bank.

You can also hire an IT advisor to help set up a security plan and perform regular maintenance as needed. An advisor will also help you determine if your business’s SMTP service can be set with better security filters with DKIM, SPF and DMARC standards.

There’s a huge variance in how sophisticated cybercriminals can get, and they are constantly changing their methods. At Centerpoint IT, we provide Atlanta businesses with fully managed solutions with end-user reporting.  Contact us today to see how we can help protect your business’s network against any wire fraud.