Wire fraud scams have been around a long time and most clever consumers already know to be extra careful when wiring funds for real estate closings and other transactions.
But nothing is stable in the world of scams and skullduggery and wire fraud scams have been growing ever more sophisticated and harder to detect in recent years.
Wire fraud scams operate on a simple principle: the fraudster changes wiring instructions or sends phony ones that look real and then diverts the funds to his own account. Tracking down the villains and recovering the money is often very difficult, since many operate internationally.
Besides consumers, wire fraud targets are often businesses and high net worth individuals who are closing big deals of one kind of another. Private equity deals are especially vulnerable, since they usually involve multiple closing wires among lots of parties who may not know each other very well, if at all.
Wire fraud scenarios
The first step in running a wire fraud is to get access to the instructions being sent to the parties. This is usually email, which unfortunately is among the least secure form of communications.
Once the bad guys find an email thread, they can start to mimic the official communications being sent among the parties and monitor how the transaction is progressing.
With lots of players involved, it takes only one to be careless, leave a live laptop unattended or send a copy to the wrong person. The fraudster then sends out a doctored email with information that sends money winging its way to the wrong pocket.
Once the fraud is discovered, it’s often too late to do anything about it. Wires are nearly instantaneous and banks disclaim any responsibility for errors committed by their clients. Learning the true identity and whereabouts of the conspirators may be difficult bordering on impossible.
Avoiding wire fraud
There’s no one-size-fits all answer to the problem but there are some basic steps that should be taken by everyone involved in a transaction.
Businesses should train employees thoroughly and often and review security measures prior to any transaction. Payment authorizations should ideally be made only by multiple parties who have been thoroughly vetted.
Both individuals and businesses should “practice safe email” at all times, limiting their contact with anyone they don’t know well. Many people maintain a separate email account for use in financial transactions, possibly from a provider like Proton, which encrypts all email.
Passwords should be changed frequently and all email accounts should be checked for “auto-forwards,” which could be forwarding vital information to conspirators.
Other vital safety protocols can be found in a recend JDSupra posting.