I did a remodel of my office.

We had been communicating with the GC and his billing team.

They sent us the invoice and a notarized form.

We have spoken with the admin who was communicating.

There was a group email with the GC.

Somewhere in this message chain the email changed from billing to billings

But still in the same chain with the other employees.


Long story short.. we get wiring info and send 30k... and now they said that was a fraudulent email

Do I have any recourse here? The person had all the docs/invoices and on the chain with the company.

Does either parties insurance get involved?

When did the wire transfer take place?

Last week
Filed police report

Figured it out about 3 days after

Theirs
Had their invoice and notarized file

No idea how

Somebody called into a radio show the other day with almost this exact same story except it was a pool contractor. Was out like $60K by the time all said and done.

What PD took the report?

If you can find through forensic work that breach occurred on their end, you may be able to have them agree to help if insurance doesn't exist.

Unfortunately you are pretty much out of luck otherwise.

Very common these days.

Hackers basically get into the email systems, sit dormant and wait for certain keywords to be exchanged like "invoice", "wiring instructions", "closing", etc., then they pounce.

Doubtful you'll be able to get any recourse from the other party, unless they had reason to belive they were compromised prior to this occurring.

The Anchor said:

---

What PD took the report?

---

my manager filed but I believe Austin

This happened to me at a previous stop. The email domains for all vendors and involved in the chain had been changed by moving a period one letter over creating a break that mirrored the real domains. Funny enough, we sent the conversation directly to their billing instead of replying all and they never caught it.

Luckily, our IT insurance covered the loss.

Be prepared that the police will do nothing.

So is the best move just a certified check now for these types of transactions?

There are a couple things you can do to provide confidence, but it's hard to never have to deal with it again.

One of the best things is to know your vendors as best as you can. That may not be feasible with every vendor of course, but the big ones, it is best to establish a good relationship. That helps in many parts of business.

At a different role than mentioned above, we had one person dedicated to vendor management. It was their responsibility, with oversight by me, to ensure vendor details were accurate. That required lots of phone calls to established points of contact. Our vendors were responsible for notifying us when the point of contact left the company or changed internally. They were responsible for confirming any vendor detail changes.

For a small business that may not have the manpower to do the above, you can always call the bank and confirm the account details are owned by that company. Most of the time, the fraudulent account is under a different name.

Vendor management is hard some times, but established practices can provide a level of confidence that your money will go to the correct person.

Lastly, maybe consider an insurance policy that contains an IT coverage component. It came in handy for us once.

Shouldn't the location of the receiving bank be a red flag? Are these turds getting away with doing business with US banks?

This is scary.

We've had several instances of this in the last few years. The culprits are clearly monitoring emails because they send them at the right time and in the right context. Oh we just finished a job with this contractor and got an invoice from them? That makes sense. But we didn't notice the one letter change in the email address including the payment info. There was also an email last summer to our accounting that appeared to come from my personal email requesting an update to my direct deposit. I caught that one when my paycheck didn't show up.

I wasn't involved with the investigations on any of these so can't say what, if any, resolution was reached.

These people are much craftier than the generic third world attempts to get you to buy a $500 iTunes giftcard to bail your grandson out of jail.

Ted Lasso said:

---

So is the best move just a certified check now for these types of transactions?

---

I don't know about other companies but title companies did away with accepting certified checks a number of years back. Somehow fraud there left them responsible. Now if you get hosed in a wire transfer, they wash their hands of it.

This happened at our office a while back. Office manager sent a fraudulent wire, then CEO happened to walk by and she verbally confirmed with him the wire. He looked at her puzzled, saying "what wire?" and she almost immediately knew something was up. Someone had spoofed his email and instructed her to send a wire. Luckily she called the bank and stopped the wire from going through but it was a stressful day.

We had this almost happen about 10 years ago with a contractor we had been doing business with. No change in email, I even checked the header info, but since I approved all wires I noticed the account info was updated per the contractor. My controller setup the wire assuming the new info was correct.

For some reason she did not think much of our Houston contractor with a Houston bank account wanted their money this time in Lincoln Nebraska with the account owner having a residential address.

My controller showed me the back and forth emails with the contractor and it was all legit on that part, but it was not adding up and I call their owner. His employee claimed she was hacked and blamed us, I told him he probably needed a new accountant and I did as well. Since the money was not sent in error we just hand delivered a check and then moved on from them.

As Red Pear indicates, this became (may still be) quite a problem on residential home sales.. Always, always verbally verify the wire information with the recipient, your bank and their bank if you can. Source your own numbers and make sure the person you are speaking with has been verified by you or someone you trust.

Of course, AI is posing a huge issue for voice verifications. I am rectal scan signatures will have to be implemented at some point.

Contact your bank and have them immediately start a trace. The receiving bank will put a block on the bank account in question until the investigation is complete. If any funds happen to be left, you will likely get it back. Been there, done that. Good luck.

find out the point of entry for the fraud. Saw this on a client of mine. They ended up filing on the engineer's insurance policy under the cyber security provision of their policy. The bank will be no help, that money was pulled out minutes after it hit. sorry that happened.

It's probably too late for a trace now as the funds will have hopped through multiple accounts and are now out of reach, but for future reference report this through IC3.gov asap and provide as much information as you can. The team there is far more capable of initiating a trace than your local PD and has a very high success rate when they do. Always a good idea to report to local LE as well.

I read several websites, and this article from Forbes was the most helpful.

https://www.forbes.com/sites/forbesbusinesscouncil/2022/08/30/wire-fraud-is-an-epidemic-take-these-three-steps-to-protect-your-company-from-cybercriminals/?sh=36184dfe6774

My firm closes a lot of real estate transactions and holds escrow funds pending closings. A realtor we work with was compromised which led to a fraudulent wire transfer about 4 years ago. The ultimate solution we adopted was to require the bank our accounts are with to use a two-person authentication prior to issuing any wire. Essentially, they will not issue a wire unless two separate firm employees verify the various transaction amounts, destinations, etc. through separate phone calls. We also require a verbal verification from the realtor any time the wiring instructions change (they are normally provided with the original contract), and we encrypt any emails that contain bank information.

It's not perfect, but we have not had any issues since adopting this policy. We've used two different banks and neither had an issue. Ultimately, if the realtor is compromised and doesn't know it, there isn't much we can do about that as the intermediary.

It's amazing how loose people are with their bank information. Email is simply not as secure as people think it is.

Embarrassingly to say, we had an employee get hacked and as credit manager the back and forth ended with the customer sending $170K+ in payment to a fraudulent bank account.

What happened is they just never paid their invoice and dumped it on us.

Does anyone have any experience on taking this to court, is it worth our time and money to go after?

Damn. This whole thing sucks.

Thanks for shouting out the heads up.

I've wired large sums fairly recently to a title company and it never even occurred to me that this was a possibility.

I'll change my ways.

Premium said:

---

Embarrassingly to say, we had an employee get hacked and as credit manager the back and forth ended with the customer sending $170K+ in payment to a fraudulent bank account.

What happened is they just never paid their invoice and dumped it on us.

Does anyone have any experience on taking this to court, is it worth our time and money to go after?

---

Depends on the circumstance and how was ultimately "at fault". You customer made the determination they had zero fault in this. I would find that hard to believe unless it was your employee that made the error or committed the fraud.

If you warned the customer not to wire to that account, or they made an error on their end, or if in fact they had an employee committing a fraud, then that is on the customer and you would likely prevail.

If this was within the last couple of years, talk to your general counsel or business attorney.

I helped review something like this that happened to a close friend, the scammer had setup rules in outlook to block non-delivery receipts so when you replied to the altered email it was sent but the messaged you would get when it bounced would automatically be sent to trash.

A rule we help setup with their IT team was to setup 2FA for signing in to email, restrict to login from certain geographical locations.

I would go as far as asking them to verify if anything like this has happened to them before… if so, they likely have a security breach somewhere….

fka ftc said:

---

Premium said:

---

Embarrassingly to say, we had an employee get hacked and as credit manager the back and forth ended with the customer sending $170K+ in payment to a fraudulent bank account.

What happened is they just never paid their invoice and dumped it on us.

Does anyone have any experience on taking this to court, is it worth our time and money to go after?

---

Depends on the circumstance and how was ultimately "at fault". You customer made the determination they had zero fault in this. I would find that hard to believe unless it was your employee that made the error or committed the fraud.

If you warned the customer not to wire to that account, or they made an error on their end, or if in fact they had an employee committing a fraud, then that is on the customer and you would likely prevail.

If this was within the last couple of years, talk to your general counsel or business attorney.

---

In our circumstance our employee was definitely hacked. Scammer set up email rules to siphon off all back and forth email so only the scammer was able to see and communicate with the customer.

The customer only communicated by email and did not attempt to verify new banking instructions by calling us.

Premium said:

---

fka ftc said:

---

Premium said:

---

Embarrassingly to say, we had an employee get hacked and as credit manager the back and forth ended with the customer sending $170K+ in payment to a fraudulent bank account.

What happened is they just never paid their invoice and dumped it on us.

Does anyone have any experience on taking this to court, is it worth our time and money to go after?

---

Depends on the circumstance and how was ultimately "at fault". You customer made the determination they had zero fault in this. I would find that hard to believe unless it was your employee that made the error or committed the fraud.

If you warned the customer not to wire to that account, or they made an error on their end, or if in fact they had an employee committing a fraud, then that is on the customer and you would likely prevail.

If this was within the last couple of years, talk to your general counsel or business attorney.

---

In our circumstance our employee was definitely hacked. Scammer set up email rules to siphon off all back and forth email so only the scammer was able to see and communicate with the customer.

The customer only communicated by email and did not attempt to verify new banking instructions by calling us.

---

IANAL, but I am thinking you would not be successful going after the customer. Did you look into insurance coverage? $170k is a decent amount of money.