Email scammers extract over $300m a month from American suits' pockets

FinCEN has recovered more than $500m to date

While you're sweating to make an honest crust, email scammers are counting at least $301m in untaxed takings every month in the US alone, according to research by the Financial Crimes Enforcement Network.

The FinCEN agency tallied the figures for 2018 (PDF) and found the number of suspicious activity reports describing business email compromises had more than doubled from around 500 per month in 2016, to over 1,100 per month last year.

Meanwhile, the number of scammers ballsy enough to impersonate a CEO or other members of the C-suite declined to 12 per cent, down from 33 per cent in 2017.

The total value of attempted scams more than tripled in the same period.

The agency revealed the favourite method of extracting payment information in 2018 involved fraudulent vendor or client invoices, with this method responsible for 39 per cent of incidents in 2018, up from 30 per cent in 2017.

American manufacturing and construction businesses were the top targets for business email fraud, in both 2017 and 2018.

FinCEN is a bureau of the US Department of the Treasury, established in 1990 to combat money laundering, terrorist financing and other financial crimes. In recent years, it has assumed a more active role in the cybercrim arena and cryptocurrency markets.

One of its specialist subjects is email scams, mostly involving fraudulent payment instructions sent to financial institutions or businesses in order to help criminals get their hands on corporate funds.

FinCEN said that, working with law enforcement agencies, it had managed to stop misappropriation of more than $500m via email to date – including $200m since 2017.

The agency has issued an updated advisory on email fraud schemes detailing red flags — developed in consultation with the FBI and the US Secret Service — that financial institutions may use to identify and prevent popular methods of email fraud.

The advisory also suggests that financial institutions could share information about accounts affiliated with email compromise schemes to identify risks of fraudulent transactions and money laundering – FinCEN can't force them to do this so it's asking nicely.

"FinCEN has been a global leader and innovator in countering BEC [Business Email Compromise] breaches and their devastating effects on businesses, individuals, and national security," said FinCEN director Kenneth Blanco.

"The Bank Secrecy Act data is a critical resource in combatting all types of financial crime. We hold, safeguard, and analyse that data and we share our expertise with law enforcement and our industry partners to help make America safer." ®

Other stories you might like

  • Proposed Innovation Act amendment would block US investment in China
    We're just astounded to see bipartisan efforts in Congress in this day and age

    A draft US law that would, for one thing, subsidize the US semiconductor industry, has gained an amendment that would turn the screws on American investments in foreign countries.

    The proposed update states that semiconductors, large-capacity batteries, pharmaceuticals, rare-earth elements biotech, AI, quantum computing, hypersonics, fintech and autonomous technologies are all included as sectors in which foreign investment would be limited, specifically in "countries of concern," or those considered foreign adversaries, like China. The amendment also would restrict construction investments and joint ventures that would involve sharing of IP and monetary rewards.

    US entities that have invested in a sector or country covered under the amendment would be required to notify the federal government, and the proposal also includes authorization for the executive branch to form an interagency panel responsible for reviewing and blocking foreign investments on national security grounds, the Wall Street Journal said of the amendment.

    Continue reading
  • NASA to commission independent UFO study
    The truth is out there, and the space agency intends to find it – scientifically

    Over recent years, Uncle Sam has loosened its tight-lipped if not dismissive stance on UFOs, or "unidentified aerial phenomena", lest anyone think we're talking about aliens. Now, NASA is the latest body to get in on the act.

    In a statement released June 9, the space agency announced it would be commissioning a study team, starting work in the fall, to examine unidentified aerial phenomena or UAPs, which it defined as "observations of events in the sky that cannot be identified as aircraft or known natural phenomena."

    NASA emphasized that the study would be from a "scientific perspective" – because "that's what we do" – and focus on "identifying available data, how best to collect future data, and how NASA can use that data to move the scientific understanding of UAPs forward."

    Continue reading
  • Russia, China warn US its cyber support of Ukraine has consequences
    Countries that accept US infosec help told they could pay a price too

    Russia and China have each warned the United States that the offensive cyber-ops it ran to support Ukraine were acts of aggression that invite reprisal.

    The US has acknowledged it assisted Ukraine to shore up its cyber defences, conducted information operations, and took offensive actions during Russia's illegal invasion.

    While many nations occasionally mention they possess offensive cyber-weapons and won't be afraid to use them, admissions they've been used are rare. US Cyber Command chief General Paul Nakasone's public remarks to that effect were therefore unusual.

    Continue reading

Biting the hand that feeds IT © 1998–2022