The cybercrime that could cost you thousands
RICHMOND, Va. (WWBT) - You find the perfect house and go to closing to make the big payment, but weeks later, you are notified by a bank that the money never went through. Hundreds of thousands of dollars gone in the blink of an eye. With no warning any step of the process was wrong. It’s called Business Email Compromise, and according to the FBI’s cybercrime report, it made up 37% of all losses last year - more than $1,866,642,107.
“It’s one of the most prominent forms of internet fraud that we see,” said Richmond FBI Special Agent Michael French. He’s a member of the FBI’s Cyber Squad.
He says the scheme is complicated. It usually originates outside of the US with hackers contacting legitimate businesses. They get control of an email and steal the business’s money by convincing workers to alter the company’s bank wiring instructions. Basically, these hackers get the company to send large amounts of money to bank accounts the scammers control.
“They regularly target small to medium size businesses - payroll processors, contractors, universities - using spoofed or compromised email accounts,” said French.
House closings or real estate transfers are also a big target.
“Either getting into the legitimate email account for say a title attorney or retailer, or using a spoofed email address for the client, and asking to change the bank account instructions - where the money should be wired,” added French.
The crime is so sophisticated the scammers often use people inside the US to move the money. They’re called money mules. Some of them may be victims of other schemes and are not even aware they are moving stolen money.
If you or your business is making a big purchase, always try to do the transaction in person.
“Call them on the phone, go see them in person. Don’t do it online, electronically or even via fax. Do it as much as you can in person or on the phone,” says French.
If you are suddenly asked to change how you are paying for something - ask questions. Make sure you call the person you usually deal with directly. Don’t rely on an email.
If you think your email could be the target of a crime like this, make sure you have two-factor authentication turned on for an extra layer of security.
Copyright 2021 WWBT. All rights reserved.
Want NBC12’s top stories in your inbox each morning? Subscribe here.