A local organization was recently impacted by a Business Email Compromise (BEC) scam.
“Company A” is a vendor to the victim organization. The email address for the owner of Company A was compromised. In late October 2021, while Company A’s owner was out of town, a hacker used the hacked email address to send new payment instructions to the victim. The change request included a new EFT form containing a phone number with one digit changed, a fake voided check, and a fake W-9. Company A was a known vendor, the email address was legitimate, and the victim ultimately changed the company payment information on file.
Several days later, the victim issued payments totaling over $300,000 to the fraudulent account. The incident is currently under investigation by the U.S. Secret Service.
To avoid a scam, organizations should consider the following:
- Report the incident to authorities as soon as possible. A report may be needed for your bank to reverse a wire, and law enforcement can work with FinCEN to initiate the Financial Fraud Kill Chain.
- Consider a policy to verify payment change instructions via information on file
- Implement a two-signature requirement to issue checks or wire transfers
- Train buyers and accounts payable staff on a payment change verification policy and signs of a scam
- Talk to your bank ahead of time to confirm the process for freezing funds, cancelling checks, or reversing wire transfers – and have this written down so all staff is aware of the process
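
The "verify via information on file" policy can be backed by a check in accounts payable tooling. The sketch below is an added example, not part of the original advisory: it compares a change request to the vendor record on file, flags a phone number that is a near-match (as with the one-digit change described above), and returns the on-file number as the only one to call. The record layout, field names and sample values are all assumptions constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import Optional

@dataclass
class VendorRecord:
    """Vendor master data captured at onboarding (all values constructed)."""
    name: str
    phone: str
    routing: str
    account: str

def digits(value: str) -> str:
    """Strip formatting so '(555) 010-0142' and '555-010-0142' compare equal."""
    return re.sub(r"\D", "", value)

def digit_distance(a: str, b: str) -> Optional[int]:
    """Count differing digit positions; None when the lengths differ."""
    a, b = digits(a), digits(b)
    if len(a) != len(b):
        return None
    return sum(x != y for x, y in zip(a, b))

def review_change_request(on_file: VendorRecord, request: dict) -> dict:
    """Compare a payment change request against the record on file."""
    findings = []
    dist = digit_distance(on_file.phone, request.get("phone", ""))
    if dist is None or dist > 0:
        findings.append("phone on form does not match record on file")
        if dist is not None and dist <= 2:
            findings.append(f"phone is a near-match ({dist} digit(s) changed)")
    bank_changed = (
        digits(request.get("routing", "")) != digits(on_file.routing)
        or digits(request.get("account", "")) != digits(on_file.account)
    )
    if bank_changed:
        findings.append("bank details changed")
    return {
        "hold_payments": bank_changed,     # pay nothing until verified by phone
        "callback_number": on_file.phone,  # never the number on the new form
        "findings": findings,
    }

# Constructed sample mirroring the incident: one digit of the phone altered.
ON_FILE = VendorRecord("Company A", "(555) 010-0142", "000000000", "1111222233")
REQUEST = {"phone": "555-010-0143", "routing": "999999999", "account": "4444555566"}

if __name__ == "__main__":
    print(review_change_request(ON_FILE, REQUEST))
```

A near-match phone number is a stronger warning sign than a completely new one, because a vendor that really changed numbers rarely ends up one digit away from the old one.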
If you are the victim of a cyber attack or scam, please report it immediately. Contact information for agencies is below, or you can contact the SD-LECC to be connected to the appropriate agency.
Local law enforcement | Non-emergency number: (Find your LE agency’s number and include it in your response plan). For life-threatening emergencies: 911 |
Attack reporting, reporting coordination | San Diego Law Enforcement Coordination Center (SD-LECC) [email protected]; [email protected] |
Attack reporting, response team if all local resources are exhausted | California Cyber Security Integration Center (Cal-CSIC) [email protected]; 916-636-2997 |
Attack reporting, response team if all local/state resources are exhausted | DHS CISA US-CERT [email protected]; 1-888-282-0870. After incident reporting (if US-CERT not activated): https://www.us-cert.gov/report |
Attack reporting, criminal investigations | FBI [email protected]; 858-320-1800. After incident reporting (if FBI Cyber not already investigating): https://www.ic3.gov |
Attack reporting, financial fraud investigations | U.S. Secret Service [email protected]; 619-557-5640 |