Skip to Main Content

Wire fraud & business email compromise

Wire transfers are a high-risk activity frequently targeted by fraudsters because of the ease of providing fraudulent instruction combined with the quickness of moving large sums of money.
A man holding his phone looking away

Cybercriminals have gone to great lengths to commit theft or fraud by manipulating credit union executives, employees, and even business members using fake, spoofed, or doctored emails, calls, and even deepfakes or digitally altered recordings. The surge of business email compromise (BEC) and fraudulent instruction scams typically request large wire transfers. These urgent or pay immediately requests hope that an employee does not take time to scrutinize the request and often exceed $1 million.

BEC schemes continued to be the costliest in 2020 with 19,369 complaints with an adjusted loss of approximately $1.8 Billion according to the Internet Crime Report from the FBI.

An increase in these scam-related losses coincides with the increase in remote working, suggesting that detecting and preventing social engineering scams has become more difficult with an increase in distractions.

More wire fraud and business email compromise information

  • Business email compromise (BEC) and fraudulent instruction are accomplished by either phishing an executive and using compromised email credentials or by spoofing a legit email address from a look-alike domain name. Either way, the intent is to induce an employee to act quickly to make a wire transfer, payment, or transfer sensitive data to cybercriminals.

    All employees involved with wire transfers should receive training on these scams and the procedures for handling internal wire transfer requests.

  • These scams typically involve an executive-level employee’s email or phone number that has been compromised or spoofed through a phishing attack. The fraudsters create an email or text appearing to be sent from the executive to another individual within the organization requesting a payment — typically wire transfer.

    A few simple action steps that can help protect your credit union is to have employees confirm the legitimacy of the request by verifying with the C-suite executive and authenticate using a different communications channel (out-of-band authentication), such as verifying face-to-face with the requestor or calling the requestor’s phone extension or cell phone.

  • Implementing dual control — using two or more employees — can provide additional checkpoints to ensure requests and payments appear and are transacted legitimately.

  • It’s important to educate your members — especially business members — about the possibility of this scam and how to protect themselves. Consider adopting a written wire transfer agreement for business members due to the size of their potential wire transfer requests. In the absence of a signed wire transfer agreement, require business members to request large dollar wires in person.

    Remember, the member could be liable for the loss of funds, so it’s critical they know how to spot the warning signs for this type of fraud.

  • A common approach associated with real estate wire scams has a member/purchaser receiving an email with bogus instructions, shortly before the loan closing. You should establish procedures to call the title company/closing agent using a reliable phone number on record to verify the legitimacy of wire transfer instructions received by email or fax. Additionally, some establish a passcode in advance to be used in conjunction with the callback and verification process.

  • Educating members upfront can be extremely helpful. Provide reminders such as:

    • Warning them to be wary of any last-minute wire transfer changes
    • Suggesting they gather all telephone numbers for agents, title company, etc. at the signing of the purchase contract and compare any changes shortly before closing
    • Calling to confirm any wiring instructions
    • Avoiding sending financial information through email
  • Asking members if they have received the wire instructions via email and if so, did they verify instructions with the closing agent using a verified telephone number can be helpful.

Ask a risk consultant

Please complete this brief form to route your question to one of our risk consultants.

Ask a risk consultant

Related resources:

Access the Business Protection Resource Center* for exclusive risk and compliance resources to assist with your loss control efforts.

Fraud & scams eBook

Call center fraud risk overview*

Wire transfer risk overview*

Business email compromise & fraudulent instruction*

On-Demand Webinar: Don’t Fall Victim to the Latest Fraud & Scam Trends

On-Demand Webinar: Wire Transfer Fraud & Compliance

RISK Alert: Fraudsters Use BEC to Target Lack of Protection or Loose Controls* (12/01/22)

RISK Alert: Liability for Wire Fraud Schemes Targeting Real Estate Closings* (1/18/2022)

RISK Alert: Mortgage Closings Targeted In Compromised Email Scams* (10/20/2020)

RISK Alert: Fraudulent Wire Transfers Generated From Email Scams* (10/6/2020)

RISK Alert: Business Email Compromise Scams Look to Exploit Remote Workers (5/12/2020)