The United States Federal Bureau of Investigation warned Friday (Aug. 28) that a new email scam is targeting recipients’ financial firms, law firms and real estate enterprises.
Dubbed the “Email Account Compromise,” the ploy targets individuals, the FBI noted in a bulletin. The scam works as criminals target accounts by gaining access to a legitimate email address, with the subsequent creation of a “spoofed” account that mimics the original account. Then, the spoofed account is used to initiate wire transfers for funds — unauthorized, of course.
The misappropriated funds wind up being directed to what the FBI termed “money mules” that are located in the United States. Or, alternatively, the funds can be directed to accounts tied to financial institutions located outside the U.S. And the criminals are savvy enough to call up and confirm the wire transfers with unsuspecting banks, rendering transactions to at least appear legitimate.
Corporate email fraud has become big business, with the FBI estimating that enterprises lost more than $1 billion in just under two years through June 2015.
In initial reports of the “EAC” scam between April 1 and June 30 of this year, 21 complaints were filed, with losses of roughly $700,000. The FBI has identified an additional $14 million in “attempted losses” associated with the email activity described above.
In other examples, an accounting firm’s email account was compromised and then manipulated by criminals to request a wire transfer from an unsuspecting client.
And in real estate-specific transactions, sellers and buyers can encounter the scam, too, wherein communications between the two parties are compromised and fund transfers are altered.
Realtors themselves can fall victim to emails that request information related to a property listing. Upon the realtor’s clicking a link, the cyberscammer can access his or her account and then gain access to client information, with an attempt to change wire instructions.