Man on lap top sending a wire transfer.

August 26, 2019

Wire Fraud: The Complete Guide to Spotting a Fraud Attempt

A New York man recently pleaded guilty to wire fraud after stealing almost $200,000 from clients who thought he was investing their money in cryptocurrency, according to Bloomberg.

In Northern California, a woman who lost her home in the devastating 2018 Camp Fire was defrauded of her insurance funds and life savings—a total of $408,000—when she wired the money in response to a fraudulent email that appeared to come from the escrow company that was helping her purchase a new home, reports CBS.

Sadly, wire fraud is big business for criminals—and a huge risk for both individuals and businesses. In the past, fraudsters had to rely on boiler rooms and phone calls to target their victims.

Today, the internet offers a smorgasbord for would-be criminals to defraud. They can use email, text, social media messaging and other vehicles to commit crimes.

For instance, the New York cryptocurrency scammer, who called himself the Coyote of Wall Street, posted YouTube videos and falsely claimed on social media that he had traded more than $50 million in Bitcoin for thousands of clients. The activity lent him an aura of legitimacy that may have helped him scam his victims.

Like him and the fraudster that stole the California woman's life savings, cybercriminals have become increasingly aggressive in targeting your money. Their schemes may involve blatant wire transfer requests or they may promise you something of value (such as cryptocurrency investments), for which you must wire funds. The number of attempts is on the rise, and scammers are getting bolder and more sophisticated in their efforts to trick you.

Increasingly, the tool of choice for these criminals is email. “Many of the cases we are seeing involve social engineering or phishing for confidential information," said Briane Grey, corporate security manager for City National Bank.

Social engineering is a form of psychological manipulation that is most effective when scammers find out specific information about you that makes their request more believable.

For instance, when the Camp Fire victim received an email requesting her wire transfer, the email included the correct names of her escrow officers, along with the purchase price and address of the home she was scheduled to purchase. It didn't come from the escrow company's official email address, but that was easy to overlook given the level of detail involved. Local police told her the criminals probably hacked into the escrow company's database and discovered her information—which led her to believe the request was legitimate.

In an attempt to get your confidential account information, or convince you to wire funds, a scammer may pose as a colleague, client, or someone you or your company has done business with recently. In some cases, if they have access to your mail or invoices, they may pretend to be a vendor asking for funds to be wired to a new account.

The best way to help prevent wire fraud from occurring is to familiarize yourself with the ways in which fraudsters conduct an attack. These are some of the common red flags that should raise suspicion in a wire transfer request.

Red Flag #1: The Sender Places a “Rush Request”

The fraudulent email from the escrow company in Northern California said the sellers of the new home wanted to close earlier than planned and requested an immediate wire transfer. While it's not uncommon for a real estate closing date to change, it's always best to follow up electronic requests with a phone call.

“Often, the scammer will feign an emergency and insist that the transfer take place immediately," Grey said. Resist the hustle.

Red Flag #2: The Sender Refuses Phone Calls and Insists on Communicating via Email Only

If you're attempting to send a person a large sum of money and they won't even talk to you by phone, something's probably wrong.

“Sometimes the person requesting the transfer will claim an inability to be reached now, but will promise to confirm at a later date," Grey said. “You should treat this as the implausibility it is and insist on hearing directly from the person requesting funds."

Red Flag #3: The Sender Uses Odd or Incorrect Words, Spelling, or Phrases

If you're dealing with a professional, you should expect their email and other communications to make sense and appear professional. But it's extremely common for fraudsters' emails to arrive riddled with spelling and grammar mistakes, which is a red flag.

“While some fraudsters can pass for polished business communicators, many cannot," Grey said. “It might be bizarre phrasing, awkward English, poor grammatical choices, incorrect punctuation, or simply weird spacing or capitalization. These all suggest that you may be dealing with someone other than a legitimate contact."

Red Flag #4: The Nature of the Amount Requested is Unusual or Inconsistent with Previous Practice

“If the request is out of the ordinary — especially if it's way out of the ordinary — that's a reason for you to question it," Grey said. “You and your team should watch the patterns associated with the people you do business with  and keep an eye out for larger-than-normal amounts or requests to transfer money to new locations."

Red Flag #5: The Return Email is Incorrect

Even if an email appears legitimate, always check the return address before sending any money. In most cases, a financial institution, lawyer's office or other legitimate organization requesting funds will not use a Gmail or Yahoo email address; they will use a branded company email address. Some fraudsters will try to imitate the legitimate company email address but make it slightly different, so check closely.

“This is a five-alarm warning to any financial institution," Grey said. “There should be a 'no-exceptions' practice with every wire transfer request to examine closely and double-check return email addresses. It can be just one letter off and you'll know you're being spoofed."

Individuals and business owners should also watch out for large monetary requests that ask to be “coded" to a department within the company, or requests accompanied by detailed instructions with return addresses that are incorrect or have one or more extra letters added — all further indications of spoofing, Grey said.

“Be vigilant, use common sense and take a detailed approach," he added. “Above all, insist on verbally verifying requests before you wire the money. Fraudsters are getting bolder and the amounts are getting bigger. Take the steps you need to take to keep from becoming the latest victim."

Thank you for subscribing!
Error. This is not a valid email address. Please try again.
Error. Please make sure all fields are properly filled out and try again.
Subscribe to Our Newsletter

This article is for general information and education only. It is provided as a courtesy to the clients and friends of City National Bank (City National). City National does not warrant that it is accurate or complete. Opinions expressed and estimates or projections given are those of the authors or persons quoted as of the date of the article with no obligation to update or notify of inaccuracy or change. This article may not be reproduced, distributed or further published by any person without the written consent of City National. Please cite source when quoting.