I get warnings on wire fraud all the time, usually from title insurance companies for whom I write title insurance. Their legitimate concern is that if I fall victim to a wire fraud scheme, they may have to cover the loss. The warnings are useful generally but also because they sometimes contain the latest scam that I had not yet heard about, so I learn what to look out for. I don’t mind being reminded because being the victim of a wire fraud scheme can be really devastating. My office had an IOLTA account hacked some years ago. Neither the office nor any client suffered any loss, but it was very difficult.
This warning about wire fraud caught my eye because it contains a hypothetical sequence of events leading to the loss. The problem is the hypothetical victim is less than proactive about protecting himself.
The first thing he does is open an email from someone he does not know. The email from the unidentified sender advises the victim of a problem with the victim’s email. The email contains a link to assist the victim with the email problem. The victim clicks on the link which sends him to a page that looks like his email provider’s, asking him to insert his username and password. He enters his username and password. The page tells him these are incorrect. In fact, the set up is designed to get the victim to enter his username and password, the scammer monitors his account until the victim is about to wire funds, and the scammer intercedes and directs the wire to himself.
The victim’s mistakes seem so obvious it is hard to imagine the usefulness of the hypothetical. An email from an unknown sender asking you to click a link in the email? Clicking on a link from an uninvited, unknown sender could be benign or unleash a virus on your computer. Even if the email superficially looks like it might be from your provider, shouldn’t the victim be asking himself, did I tell them I had a problem with my email? Am I currently experiencing a problem with my email and if not, why am I receiving an email from someone saying I am? Then the unknown sender requests the keys to the kingdom, the combination to the safe, the victim’s username and password. Even if the victim was careless in opening and clicking on a link in an email from a stranger, sharing personal login information is a little incredible. The hypothetical appears to function as a primer for what not to do with emails from unknown senders.
The second part of the warning is much better because it lists concrete signs to watch out for: bad grammar, odd introductions (Dear Mr. Christop Tooley) odd domains, timestamps at odd hours of the day, and any email requesting a change in wire instructions. The last is part of a very common email fraud, a fraudulent email on what looks like the wire recipient’s email requesting funds be wired to new wiring instructions – the scammer’s.
I recently attended a talk by a friend who is employed in internet security. He is also a reservist and performs internet security for the Army. He works on very sophisticated internet security matters, but told the group the way to protect yourself is the simplest, refuse to respond to suspicious looking emails. As the warning says, trust your gut.