Quantcast
Home / Commentary / Email scams are getting tougher to spot

Email scams are getting tougher to spot

Marasco, JimIn the past, it was easy to spot fake and fraudulent emails. However, spammers and con artists have become increasingly more sophisticated in their approach. Accountants and attorneys are now being targeted by more elaborate email schemes. How do you protect yourself from being exploited?

Nigerian 419 schemes

At some point, most of us have been targeted by a “Nigerian Letter Fraud.” These scams are also referred to as a “419 Fraud,” which refers to the section of the Nigerian criminal code that involves these crimes. Originally, they were perpetrated through written letters and faxes originating from Nigeria. With the advent of the Internet, they are originating from all over the world.

According to FBI.gov, “Nigerian letter frauds combine the threat of impersonation fraud with a variation of an advance fee scheme in which a letter mailed from Nigeria offers the recipient the ‘opportunity’ to share in a percentage of millions of dollars that the author — a self-proclaimed government official — is trying to transfer illegally out of Nigeria. The recipient is encouraged to send information to the author, such as blank letterhead stationery, bank name and account numbers, and other identifying information using a fax number provided in the letter. Some of these letters have also been received via email through the Internet. The scheme relies on convincing a willing victim, who has demonstrated a ‘propensity for larceny’ by responding to the invitation, to send money to the author of the letter in Nigeria in several installments of increasing amounts for a variety of reasons.” Sound familiar?

Variations of this approach have been adapted, but the concept usually remains the same. Unfortunately, what seemed so obvious to spot has now become more difficult. The level of sophistication utilized by these criminals has increased.

The 2014 version

Today, these schemes are becoming increasingly disguised. First, emails have become personalized, targeting professionals like accountants and attorneys by name. They seem like a legitimate email. Second, they’ve abandoned the “advance fee” aspect that originally was identified with these frauds. The more recent emails describe scenarios where specialized assistance is being requested, along with retainer agreements, offering to pay you for your professional assistance.

The parties referenced include real companies and employees/owners whose names and addresses are included in the emails. Once they’ve convinced you that they are going to retain your services; they cast their net to try and deceive. The schemes typically involve:

* The thieves posing as an international company wishing to “retain” your services for a local matter;

* Actually sending you correspondence (email strings) or documents involving the parties named in the dispute. The documents look and read like they could conceivably be legitimate;

* Once they agree to “retain” you or your firm, they allegedly wire the requested retainer payment and then promptly cancel the engagement and request for the deposit to be returned. They offer falsified wire documents that make it seem like the transaction was consummated and convince you to return their funds. Once you initiate a wire to them, you discover that your account never received the original payment. As soon as you attempt to recover your wired funds, the money has been transferred across numerous banks and accounts throughout the world.

* Your retainer payment is made via cashier’s check (or a business check); sometimes in an amount greater than what was requested. Once you’re in receipt of the check, they acknowledge their “mistake,” and ask for a portion of it to be refunded. The cashier’s checks are such good forgeries; they may even fool the bank when they are initially deposited. By the time it’s discovered and the checks bounce, your refund payment to them was made and is unable to be recovered.

Safeguards

Most people hate to pass up an opportunity that comes their way. However, a bit of vigilance at the onset could save frustration and embarrassment later. Some precautions to be on alert for include:

* Look for email addresses that use Yahoo or Gmail. Officers of companies looking to retain professionals would most likely use a company email address. Be leery of emails coming from personal-type email addresses.

* Inquire about all the parties involved in the matter. As you would normally run a conflict check, request the parties and documentation supporting the issue for which you are to be retained.

* Perform some basic due diligence. Consider calling the U.S. party mentioned to confirm whether they are actually involved in a dispute and check the websites of both companies including the one “retaining” you. Although it may be an international call, consider calling the actual company and asking for the alleged official retaining you. Use the number of the actual company on their website vs. the number supplied on your email correspondence as this most likely will ring to a fraudulent answering service.

* Be extremely wary of new clients who overpay and subsequently request a refund. It’s rare a client would pay more than they’re billed. It’s even rarer for a new client to do so on their first remittance.

* If you believe you’ve been the victim, report it. Most people are embarrassed if they’ve been taken in by these scam artists. If you feel you have been cheated, report them to The Federal Trade Commission, The FBI Computer Complaint Center and the State Attorney General’s Office.

James Marasco, CPA, CIA, CFE, is a partner at EFP Rotenberg LLP, Certified Public Accountants and Business Consultants.

About James Marasco