A sophisticated email scam referred to by the FBI as Business Email Compromise (BEC) has been targeting US businesses making international shipments. This scam occurs when an email is sent from a fake account claiming to be from a US company and requests the wire payment be rerouted to another bank account. Once the wire is sent, this money is not able to be recovered. An AHEC member was recently impersonated using this scam and their customer lost a substantial amount of money. Fortunately this matter has been resolved, but the FBI warns of increasing prevalence of this scam.
In order to prevent this sort of scam from happening to you or your customer, please be cognizant of any red flags during the payment correspondence. If you notice any of the following, proceed with caution.
- Non-company standard email address (using @yahoo, @gmail.com, or other generic email when previously you were dealing with someone using an @company-name domain)
- Misspelled email address (sometimes using a capital “i” instead of a lowercase “L”, etc)
- Emails supposedly coming from the US with extremely poor grammar and misspelled words
- Suggesting you click on a web link to download invoice, log in, etc.
- File attachments that end in .exe or other non document file types (this is a program, NEVER open an attachment ending in .exe that someone sends you over email)
- Bank information is different than previous orders or the purchase order/contract
When in doubt, forward the email to someone else at the company you know and confirm the new email address.
To report suspected BEC or other phishing activity, reach out to your local FBI field office at www.fbi.gov.
Source: American Hardwood Export Council