Looking For The Best Vancouver and Fraser Valley IT Services?

Direct:(604) 864-_0992 | Toll Free: (877) 864-_0992

Email Compromise Scams – Wire Transfer Fraud

Email Scam Alert

Email Compromise Scams are the sophisticated fraudulent use of email to target individuals and employees that regularly perform wire transfers. The scam involves a fraudster creating a false email or alternatively, hacking into a real email account of an executive, business partner, employee or financial advisor in order to generate a fraudulent request for a transfer of funds. The email is normally well designed and appears legitimate.
The fraudulent email provides instructions to wire a large sum of money to a specific account that the fraudster controls. The accounts are connected to foreign banks where the funds can be quickly transferred out of.


Bogus Invoice  A business, which often has a long standing relationship with a supplier, is asked to wire funds to pay an invoice to an alternate, fraudulent account via email. The email request appears very similar to a legitimate account and would take very close scrutiny to determine if it was fraudulent.

Business Executive Fraud  The email accounts of high-level business executives (CFO, CTO, etc.) may be mimicked or hacked. A request for a wire transfer from the compromised email account is made to someone responsible for processing transfers.

Purchase Order  The email of an employee is hacked. The fraudsters then review the recent email activity and send a request to vendors for invoice payments to a fraudulently controlled bank account.

Mortgage Industry  Fraudsters target the emails of realtors, title/closing/settlement agents, buyers, and builders to divert money such as down payments and closing funds. The fraudster hacks into an email account and searches for specific information (amount of deposit, names of parties involved, deposit holder) regarding upcoming closings. The fraudster creates a new email to appear legitimate and directs the buyer/deposit holder to wire transfer the money to a fraudulent account.


Phishing emails preceded emails requesting additional details of the targeted business or individual.
Scareware or Ransomware cyber intrusions precede email wire transfer requests.
Open source email accounts for business or personnel are most often targeted.
Individuals responsible for handling wire transfers within a specific business are targeted.
Hacked emails often occur with a personal email account.
The phrases ”code to admin expenses” or “urgent wire transfer” frequently are included in fraudulent email requests.
The amount of the fraudulent wire transfer request is business specific; therefore, dollar amounts requested are similar to normal business transaction amounts.
Fraudulent emails coincide with business travel dates for executives whose emails are hacked.
IP addresses frequently trace back to free domain registrars.


Avoid free web-based email and rather establish a company/private domain and use it to establish email accounts in lieu of free, web-based accounts.

Be careful of what is posted to social media and company websites, especially job duties/descriptions, hierarchal information, and out of office details.

Be suspicious of requests for secrecy or pressure to take action quickly.

Consider two-factor authorization for high level IT and financial security functions. For example, establish a telephone call procedure to verify significant transactions outside the email environment.

Delete Spam immediately—unsolicited email from unknown parties. Do NOT open spam email, click on links in the email, or open attachments. These often contain malware that will give subjects access to your computer system.

Do not use the “Reply” option to respond to any financial emails. Instead, use the “Forward” option and use the correct email address or select it from the email address book to ensure the intended recipient’s correct email address is used.

Beware of sudden changes in business practices. For example, if a current business contact suddenly asks to be contacted via their personal email address when all previous official correspondence has been on a company email, the request could be fraudulent.
If you believe you received a request from a compromised email report it to the joint FBI/National White Collar Crime Center – Internet Crime Complaint Center (IC3) at www.ic3.gov.