Security News > 2020 > June > The “return” of fraudulent wire transfers

The customer reports that they have already paid the invoices and provides proof of the wire transfer, but the document shows that the money transfer was made to the worn bank account.

The customer says they've followed the accounting department's instructions, after receiving an email with "New" wire instructions from them.

"Sometimes the bad actor compromised an accounting department employee's email account to find customers, steal invoices and gain an understanding of the cadence and manner of billing emails. Sometimes the bad actor compromised the customer's email account for the same purpose and then used an email that looked enough like the vendor's accounting department email address to trick the customer. But whatever the method of access and communication, the two entities share the same outcome: Money has been paid to bad actors, and it is highly unlikely that it will be recouped, even with law enforcement intervention."

Blocking access to company email accounts from internet provider addresses that resolve to countries where the company does not have employees is also a good idea, and so is setting up alerts that are triggered when the email account is accessed from two locations within a time span that would not allow for travel between the two locations, the lawyers advise.

If you're in the US and the fraudulent wire transfer has been made to a domestic bank account, the FBI's Internet Crime Complaint Center's Recovery Asset Team might be able to get it back for you.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/7FvMD7G-nys/