Businesses are increasingly falling victim to wire fraud scams – sometimes referred to as “man-in-the-email” or “business email compromise” scams. Although there are multiple variants, a common situation involves an attacker gaining access to the email system of a company, or the company’s vendor, and monitoring email traffic about an upcoming transaction. When it comes time to submit an invoice or a payment, the attacker impersonates one of the parties and sends wire instructions asking that payment be sent to the attacker’s bank account.
Wire fraud scams often victimize two businesses – the business that expected to receive payment, and the business that thought that they had made payment. The scam can cause significant contractual disputes between the victims as to who should bear the loss. The following is a snapshot of information concerning wire transfer fraud.
The number of businesses victimized by wire transfer fraud.1
The amount of money lost in the US due to wire transfer fraud.2
Increase in identified victims and exposed loss from January 2015 to April 2016.3
Steps to help avoid wire fraud scams:
If you are victimized by wire fraud, consider:
Asking business partners to investigate whether their email systems may have been compromised.
1. Federal Bureau of Investigation, Alert No. I-061416-PSA (June 14, 2016), https://www.ic3.gov/media/2016/160614.aspx..
3. Federal Bureau of Investigation, FBI Warns of Dramatic Increase in Business E-Mail Scams (April 2016), https://www.fbi.gov/phoenix/press-releases/2016/fbi-warns-of-dramatic-increase-in-business-e-mail-scams.