FOR IMMEDIATE RELEASE

NEWS RELEASE: Business Email Compromise

Nevada City—Cliff Newell, Nevada County District Attorney, announced today:
 
The Nevada County District Attorney’s Office is currently investigating a series of high-dollar wire transfer scams. These scams were the result of hackers using software to copy and redirect emails sent to-and-from legitimate email accounts in what law enforcement nationwide refers to as Business Email Compromise. The California Department of Justice has already identified more than 2000 infected devices (See reference link below).

This is a sophisticated scam because the hackers are preying on people who are conducting legitimate transactions and the hackers are waiting for the appropriate time to launch the scam. Here is an example of a common scam: An employee of a business has an email address of JohnDoe@business.com. He communicates with a client about the transaction as a regular course of business. Meanwhile, the hackers have read the email correspondence between the employee and client, and familiarized themselves with the business transaction. The hackers create a similar email address, such as JohnDoe1@business.com, or they create a hidden email address that JohnDoe@business.com forwards to. The hackers then begin communicating with the client without the original employee ever seeing the communication.

In the event of the real estate scam, at a point near the closing of escrow, the client/victim will receive a set of wire-transfer instructions to send money to; often times creating a fraudulent letterhead belonging to a local title company. The instructions include a recipient bank account that has no association with the real estate transaction. Sadly, the victim will not know the title company has not received the money until it is far too late to recover any money.

In some occasions, the recipient bank account holder is also a victim of being scammed by a foreign criminal who is using them as an unsuspecting money mule. These recipient bank account holders are tricked into believing a story that requires their help receiving money and issuing cashier’s checks to help complete some transaction their new friend has. Sadly, once this check has been issued, the original victim’s money is now gone.

What you need to know. This hack is not isolated to any particular company or business transaction. Any business transaction that requires transfer of large sums of money via wire are at risk.  .Numerous businesses throughout the country have been compromised. Email addresses and phone numbers can be spoofed (made to look like the original), which gives the hackers the ability to appear legitimate. A hacker can also call you from a caller ID that looks like the person/ company you are doing business with. Therefore, it is imperative to work with people you know and trust and confirm information via other forms of communication before sending money to anyone. If you receive a call or email that doesn’t seem right, slow down and make your own confirmation follow-up calls or appointments. Although it is easy to simply hit reply on an email, creating a new email and typing in the actual recipient will direct the email to the legitimate person and not the hacker. This is also true regarding a spoofed phone number.

Although it might be slower, the use of alternative payment methods, such as issuing a cashier’s check to the title company, can be the difference between a successful business transaction and a devastating loss.
 
Links to reference:
https://oag.ca.gov/news/press-releases/attorney-general-becerra-alerts-california-companies-malware-attack-impacting
https://www.fbi.gov/news/stories/business-e-mail-compromise-on-the-rise