1 min read

The Basic Framework of COVID-19 Themed Wire Fraud

The Basic Framework of COVID-19 Themed Wire Fraud

According to a report from Microsoft, COVID-19-themed cyber attacks spiked to nearly a million a day during the first week of March 2020. 

Business Email Compromise (BEC) and Wire Fraud

Now-a-day’s it’s very easy to find out via social media, names and titles of personnel within a company. Business Email Compromise (BEC) targets employees with access to company funds through compromised accounts belonging to CEO’s and senior management. Typically, hackers target businesses that process a lot wire transfers, with the goal of using social engineering to send money to the attacker or using malware to gain access to computers used by financial decision makers to then wire themselves money.

With the global pandemic, hackers are adapting their phishing campaigns using COVID-19 themed emails and even text messages. Messaging such as “due to the Coronavirus outbreak and precautions, please redirect all invoices to the following bank account..” Or referencing the federal government stimulus payments in order to get the user to click a malicious link and then infect their machine with malware.

 

Here’s how the wire fraud scam works:

  • Target the CEO, CFO or other financial decision-maker with malware intended to take over their computer.
  • Watch the email conversations, closely monitoring for opportunities to redirect wire transfers.
  • Redirect incoming emails related to pending wire transfers to the scammer’s mailbox folder.
  • Create a lookalike domain impersonating the corporation.
  • Fake Company A is now sending emails using spoofed real email addresses and names to those involved with the wire transfer from real Company B, hijacking the email thread with both parties/corporations using the new domain as the from address.  All replies will now no longer involve the real Company A.
  • Continue to reroute all inbound emails from Company A, removing any legitimate communications from Company B.
  • Provide new banking details to Company B for an existing, pending, wire transfer.

Essentially, the scammers target a specific company, create spoof domains and emails, spend a ton of time gathering intel and sorting through innumerable emails between the compromised mailbox and third parties including their bank, identifying contacts at the bank and either intercept or start new wire transfers.


 

New call-to-action

 

Teknologize has clients throughout the Pacific Northwest with offices located in the Tri-Cities, Washington 509.396.6640 and Bend, Oregon 541.848.6072.

How $43,000 Disappeared in an Instant: A Tale of CEO Fraud

How $43,000 Disappeared in an Instant: A Tale of CEO Fraud

This true story serves as a stark warning about the devastating impact of CEO Fraud on businesses, large and small. It's essential reading for anyone...

Read More
The Rise of AI-Driven Voice Scams

The Rise of AI-Driven Voice Scams

In the rapidly evolving digital landscape, the saying "That won't happen to me" is becoming a dangerous mindset for business owners when it comes to...

Read More
Don't Get Caught Off Guard: 5 New Cybersecurity Threats to Prepare For Now

Don't Get Caught Off Guard: 5 New Cybersecurity Threats to Prepare For Now

The year 2023 marked a significant turning point for cyber-attacks with the introduction of AI (artificial intelligence), now in the hands of people...

Read More