Greetings!
We are grateful to have the opportunity to provide you this valuable information via our monthly e-newsletter and our unparalleled forensic accounting, expert witness, and fraud investigative services.
The goal of this e-newsletter is to provide you critical, inside information that will help you "follow the money" in business disputes, divorce cases, fraud cases, estate matters, corporate embezzlement, and to prevail when defending an IRS criminal case. We do this by sharing the knowledge we have from our 25+ years of experience as an IRS Special Agent and 20 years as a private investigator / forensic accountant.
We take special care to ensure the information we provide you in "The Beacon" is the latest and most current information available. This edition talks about the account take over (ATO) cybercrime scheme.
We want to write about topics that will help you prevail with fraud, divorce, estate and probate, and IRS criminal cases. Please e-mail us your topics of interest to Thebeacon@sageinvestigations.com.
We encourage you to share our e-newsletter with others in your sphere of influence.
Sincerely,
Edmond J. Martin
Principal, Chief Investigator
Certified Fraud Examiner (CFE)
Texas Board Certified Investigator (TBCI)
|
|
Cybercrime – Account Take Over (ATO) Scheme
|
Account takeover fraud (ATO) generally happens when a cybercriminal gains access to the victim's login credentials to steal funds or information. Fraudsters digitally break into a financial bank account to take control of it and have a variety of techniques at their disposal to achieve this, such as phishing, malware, and man-in-the-middle attacks, among others. ATO is a top threat to financial institutions and their customers due to the financial losses and mitigation efforts. ATO is continually evolving and is a constant threat.[1]
The following scenario is unique. The perpetrators were inside the lender's network. A client's firm received short-term financing from a company via the Internet. When the loan term expired, the firm attempted to pay off the balance due. The conversation through emails was regarding the payment of $50,000, and wire transfer instructions to ABC Bank were cordial. The negotiations changed from payment to an extension of the loan and a signature on a new addendum. The client was required to pay off the initial loan, and then the lender would be refunded under revised terms and conditions.
The client's last email with a valid email was at 7:00 AM Tuesday. The next day at 7:00 AM, the client received an email from what appeared to be the lender but contained a subtle change. The email address had a zero "0" in the place of an "o." In addition, the email included the following statement:
"Due to the auditing and upgrading going on in our account by our bank as a result of irregular deductions from our company bank account on tax-related issues, Do not make payment to our ABC Bank account yet. Our account department just informed me that the account is undergoing its yearly audition so we won't be using it for any transaction again. Attached you will find our updated wiring instructions for your remittance. Apologies for any inconvenience."
In their haste to make the payment, the client's staff did not notice the change in the email address and the reason for the change by the bank. They followed the instructions and sent the $50,000. The fraudster continued with the charade over the next few days, asking when the funds were wired and when they could expect payment.
The client contacted their bank and was advised that the funds were wired and it was a scam, so nothing could be done.
The client contacted a Private Investigator who advised them to contact the fraud unit at their bank. The Investigator reviewed the email chain and identified the subtle change in the email address and the misstatements being the reason for the bank and wire instructions change. With that information, the client contacted the fraud unit of Wells Fargo Bank, and they were successful in stopping the delivery of the wire transfer.
This type of ATO happens daily in different manners and will continue because we have such quick access to our money through many digital means. Calling back the wired funds is difficult because the fraudster and their accomplices withdraw the money. This scenario is an example of an unsuccessful account takeover scheme. When dealing with your money or access to your accounts, whether bank or software accounts, stop, be skeptical, ask yourself if this email request is logical and always examine the email address. Major companies have their own internet domain and do not use Gmail or Yahoo.
|
|
Contact Us
P.O. Box 160161
Austin, TX 78716
Phone: 512-659-3179
Fax: 512-328-6878
Texas License #A10803
|
|
Serving your needs is our priority.
|
At Sage Investigations, we are dedicated to serving our clients nationally, to help them navigate the difficulties of dealing with fraud, divorce, estate and probate, the IRS Criminal Investigation, and other complex (forensic) financial fraud investigations. By narrowing our focus to our primary strength of “following the money,” we steer our knowledge, efforts, and experience to financial issues. We help our clients propel their cases forward by assisting in the review, acquisition, and organization of financial records, evaluating the elements of their cases, and helping create winning strategies. Through the use of our proprietary advanced financial investigative technology, we trace and analyze complex financial data quickly, easily, and efficiently, saving our client's time and money.
Sage handles all cases with altruism, professionalism, honesty, integrity, passion, and respect. When you hire Sage, you hire a team of professionals with skill and knowledge that helps you have more effective solutions. We are innovative with our DIO cutting edge technology, and perform every investigation in an orderly and organized manner to develop a clear investigative roadmap and deliver a quality work product. The compass that guides us is strong leadership and accountability. Learn more ...
|
|
© 2022 Sage Investigations. All rights reserved.
|
|
|
|
|
|
|