Skip to Main Content
News and Resources

Email Account Compromise

Cybersecurity, Fraud

Person typing on computer with a coffee cup on the tableWire fraud is on the rise, and anyone can be a victim. A common scheme we’re seeing these days is the Email Account Compromise (EAC). Its effects can be devastating, sometimes resulting in thousands of dollars lost for you or your company.

Are you familiar with the scheme? Do you know some of the red flags and how to prevent it?

The Scheme

  • Criminals unlawfully access an email account. This could be the email of a customer, boss, co-worker, friend, or even family member.
  • Criminals use their stolen information to create an email that looks like it could really come from them and appears like a legitimate wire transfer request to the receiver (you).
  • You are then tricked into conducting an unauthorized wire transfer and end up losing money before you know it!

The Red Flags

Fraud is not 100% preventable, but there are some red flags that you can look for to help prevent yourself from falling victim:

  • Were you expecting the request?
  • Did you talk to the person in-person or on the phone about it before the email request came?
  • Is the amount out of the norm for this person/company?
  • Is the timing, amount, or wire destination different than what you originally agreed to?
  • Has their email address been altered at all?
    [email protected] (real) vs. [email protected] (fake)
  • Does the email request use different language patterns than you’d usually expect when communicating with this specific person? (For example, are there a lot of misspellings or abbreviations when the send is usually always professional, or vice versa?)
  • Is the wire going to a foreign bank account with documented customer complaints?
  • Is the email marked Urgent, Secret, or Confidential, and this isn’t typical?
  • Is the requestor an assistant and you’re unable to confirm with their boss?

The Solution

No single transactional red flag necessarily indicates suspicious activity, but know your network and trust your gut.

Don’t be afraid to ask questions and verify. Pick up the phone and call. Use the phone number that you have on file and call the individual directly! Often people are appreciative when you double check. No one wants to fall victim of wire fraud.

Get more details from FinCEN Advisory here.