By: Karen N. Shapiro
Media Type: Alert
Every time you thwart one prince with a large inheritance awaiting your claim, there is another one just around the corner. A new email phishing scam has emerged, and it is a lot harder to spot than the usual tricks to which we’ve become accustomed. “Business Email Compromise” (BEC) is a targeted attack on a business with the goal of initiating an unauthorized wire transfer. “Spear Phishing” is the name given to these types of attacks because of their targeted nature. A recent incident was brought to the attention of Stein Sperling’s business law department. We wanted to make sure our clients are aware of the risks and know how to protect themselves.
In a BEC scam, the perpetrators compromise a legitimate email account or create a spoofed email account that closely resembles the actual email address belonging to a business’s CEO or CFO. From that account, they are able to send messages, which look like they are from the CEO or CFO, to an employee with the ability to conduct a wire transfer. In some cases, scammers have even monitored emails from the CEO or CFO ahead of time to get a sense of their writing style and how wire transfers are typically initiated. Occasionally, they will monitor the email account, or the individual’s social media accounts, to find a time when the CEO or CFO will be out of the office, creating difficulty in verifying a request. They then request a wire transfer be sent to a foreign bank account, usually with urgency.
The FBI estimates that, in the United States alone, over 7,000 people have fallen victim to spear phishing schemes, for a total loss of over $700 million. BEC scams continue to grow and evolve, with a 270% increase in identified victims since January 2015. Victims range from small to large businesses in a variety of industries.
What steps can you take to safeguard your business from these types of attacks?
If you are a victim of a BEC attack, act quickly:
Should you have any questions about BEC scams, please contact a member of our business law department at 301-340-2020.
The purpose of a donor agreement is to clearly establish that donor is not the child's legal parent.
Letters of Administration? "Interested Persons"? Accounts? Learn about the Maryland Probate Process.
Missteps, such as misclassification of employees and paying workers "salary," can lead to claims.
Get tips for paying accident-related medical bills in Virginia, Maryland and D.C.
The laws are complex and provide for significant penalties for any violations.