FinCEN Issues Advisory on Email Compromise Fraud

With email compromise schemes — in which criminals fraudulently persuade individuals and companies to transfer funds — on the rise, the Financial Crimes Enforcement Network issued an advisory to financial institutions today to help them identify and prevent these frauds. The advisory covered business email compromises, in which criminals target a business customer of a bank, and email account compromises, which are targeted at personal bank accounts. The hallmark of these frauds is that they hack or spoof email accounts to take advantage of employees’ or financial institutions’ trust in existing customer relationships.

Since 2013, email compromise fraud has accounted for $3.1 billion in losses. “In some cases, financial institutions have absorbed losses through reimbursing customers victimized by email compromise fraud,” FinCEN said, noting that preventing this fraud involves collaboration among banks’ compliance, anti-money laundering, fraud and cybersecurity teams.

FinCEN identified several red flags for email compromise fraud, including transaction instructions with different languages, amounts, account information, authorizers and email addresses than are usually used; directions to deposit funds with a foreign bank previously implicated in such schemes; emails marked “urgent” or “secret” or otherwise trying to limit the time a financial institution would spend authenticating the transaction; and follow-up transaction requests seeking additional payments into new accounts.

For financial institutions concerned that they have inadvertently facilitated a fraudulent funds transfer, FinCEN urged immediate reporting of unauthorized transfers to the Federal Bureau of Investigation or the U.S. Secret Service. “FinCEN has had greater success in recovering funds when victims or financial institutions report BEC-unauthorized wire transfers to law enforcement within 24 hours,” it said, noting that these reports are separate from Bank Secrecy Act reporting requirements.