Email scams known as “CEO Fraud” are on the rise rapidly, Digitpol has reported a major increase in phishing attacks known as CEO or Invoice Fraud. CEO fraud is a type of “Email Compromise” or “Business Email Fraud”. There have been numerous recent cases reported in the media and the victims are located globally and often large scale firms. The US FBI recently put the estimate of losses in 2015 associated with BEC frauds in the hundreds of millions of dollars.
Digitpol, the International Investigation Agency has a specialized investigation team working to trace fugitives and fraudsters globally, Digitpol’s operational units deploy daily to assist with the recovery of funds and seizure of rogue bank accounts that are used to facilitate the transfer of scammed funds, Digitpol assists with tracing the funds transferred overseas in cooperation and liaising with International Police and Banks. Digitpol has key relationships with the global banking industry.
If your company has been targeted by Internet Fraud, CEO Fraud or Email Fraud and funds have been transferred to a bank account in Hong Kong or China, we can help you recover the funds, but only if you act fast and if you have the proof. If Digitpol is notified in time, Digitpol will stop and recover the funds, we can prevent the funds from been transferred further and assist with all matters such as reporting the crime to the local Police.
Such email scams often happen when fraudsters hack into the email accounts of targeted companies, often in Europe or the USA and over time, cyber criminals learn about their businesses and invoices that are due to be paid, fraudsters then use the information obtained to impersonate employees and suppliers, in order to arrange transfer of funds. According to the Latest Trend of Email Scams – CEO Email Scam published by the Hong Kong Police Force, email scams typically take the following forms:
Sale contract scam: fraudsters know from stolen emails about transactions between company A (the seller) and company B (the buyer). The fraudsters, pretending to be company A, send fictitious emails to company B, claiming that company A’s bank account has changed and requesting transfer of funds to the new bank account in Hong Kong.
CEO scam: pretending to be senior management officers of victim companies, fraudsters send fictitious emails to staff in the finance department, seeking the transfer of funds to overseas business partners or to make business investments on an urgent basis. The finance department staff are requested to transfer funds to a bank account in Hong Kong.
The misspelt domain name.
This is where the attacker will own the misspelt domain name, which closely resembles your domain, but is usually off by one character.
From: “CEO Name” <[email protected]>
In this case, anti-spoofing will not identify these messages. Instead, regular expressions can be applied to the From: line in order to identify the misspellings. Below are two regular expressions for a domain called example.com. These expressions are useful not just for these scams, but phishing in general. For efficiency, the regexes assume the first character is never changed, which is a fairly safe assumption because otherwise the domain would not look similar enough. Simply copy the pattern and apply to your own domain(s).
Character Substitution Regex
This expression identifies a domain where one of the letters in the domain has been replaced. It works by checking each letter for substitution (for instance [^m] means “any letter but m”).
If you suspect that you are, or have been, a victim of banking, email or internet fraud, the time to act is the most important element. The first approach is of most importance, a police report is to be filled at the Hong Kong Police Force, the report needs to be filled instant as the crime is discovered. If the report is filled in time there is a high possibility that the fraudster’s bank account can be seized and the funds frozen.
To file a Police report in Hong Kong, this can only be done in person at the police station or online at the E-Crime Section. The Police will first need to be satisfied that a crime is actually committed, this is done by the examination of evidence and the evidence of a crime. If sufficient evidence is presented the Police will take action. Digitpol can assist with compiling additional and supportive evidence into a report.
According to the Hong Kong Police Force, technology crime has remained an operational priority of the Commissioner of Police since 2012. In 2015, the Police Force established the new Cyber Security and Technology Crime Bureau so as to allocate extra manpower to combat and prevent technology crimes. Besides email scams, other common types of online business fraud often involve e-banking, e-auctions, e-purchases, online trading and the misuse of credit cards.
Digitpol can be reached 24/7 and can assist International firms recover funds.
Digitpol can be reached 24/7 on +852 3973 3884 or +852 53360558
Email: [email protected]