Wire Fraud Alert
Clients are reminded to exercise due caution when executing a wire transfer. Prior to any wire or funds transfer a client should attempt to verify two very critical things
1. That the wire is legitimate (Confirm via personal or phone contact and NOT email contact with the CEO/CFO/Vendor or other authorizing party)
2. That the wire transfer instructions have not been surreptitiously changed by a fraudster who inserted himself into the email chain (Review and confirm that the beneficiary account information and numbers have not been changed or altered)
This notification seeks to make IDB clients aware of a scam that is targeting business owners and operators. This scam attempts to cause business owners to redirect planned wire transfers or have the business execute a new wire that the business would not otherwise execute.
The method used in this scam is known as the Business E-Mail Compromise or BEC scam. This scam generally targets businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The scam is carried out when a fraudster compromises legitimate business email accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.
According to the FBI the scam first began to evolve in 2013. Investigations determined the email accounts of CEO’s or CFO’s were hacked or spoofed and wire requests were directed to be sent to fraudulent locations, frequently in Asia. These requests are usually sent to other authorized persons within the organization having wire transfer authority who then act upon the requests believing them to be legitimate directives from CEO, CFO or some other senior level management person. The belief that the request was legitimate was further enhanced by the fact that the CEO or CFO’s actual email was used in the request when in fact a hacker was sending the instructions using their hacked accounts.
This scenario is not the only way these scams may play out but they all have the same basic elements: a person with wire transfer authority is tricked into transferring funds to a fraudster with the outcome being that these funds are very difficult if not impossible to recover, thus resulting in what is often a total loss to our client. The reason for this notification is that IDB has noticed an increase of these scams being perpetrated against our clients and is endeavoring to reduce these incidents through greater client awareness.
Please notify your account officer or IDB bank security immediately at 212-551-8725 if you feel you have been victimized by this scam.