cognitive cybersecurity intelligence

News and Analysis


US Retrieves $2.4 Million Gained Through Business Email Scam

Alright, let’s spill the tea on a bit of drama that recently unfolded in sunny Orlando, Florida. Picture this: a hefty sum of nearly two and a half million dollars suddenly vanishes thanks to a classic case of cyber trickery! But fear not, for this story has a silver lining.

Pull up a chair. This story starts off at a semiconductor packaging firm—let’s call them Company 1. Now this company was merrily doing business with a heavy equipment manufacturer, whom we’ll refer to as Company 2. All was going rather swimmingly until one fine day in April 2022, when Company 1 received an email that looked like it was from Company 2.

The email seemed legitimate, saying they couldn’t accept their usual payment due to an ‘annual update’ – sounds plausible, right? So, they requested Company 1 to transfer the hefty sum of $2,462,000 to a different account. Little did Company 1 know that it had been fooled into transferring a stack of cash to some wily cyber rogue!

Thankfully, they cottoned onto the deception rather quickly and got their bank to freeze the funds. Armed with this information, the United States Secret Service got their fictional deerstalkers on and discovered the only signatory on the account—the chap we’ll call S.T. To everyone’s surprise, S.T. had no idea that he was in possession of such a small fortune. He denied being involved, claiming he’d given his banking information to a group of individuals at a Bitcoin conference for services rendered.

S.T. told the investigators he’d had dealings with the group mostly through WeChat—but when he confronted the group about the unexpected deposit, they denied any fraudulent activity. Thanks to the quick actions of Company 1 and their bank, the authorities managed to seize the entire sum before it vanished into the ether.

The tale gets better as the money was not lost forever. U.S. Attorney Handberg ensured that the ill-gotten gains were confiscated and handed back to the rightful owner. Sweet justice, indeed! This tool of ‘civil forfeiture’ has actually been pretty handy in restoring stolen funds to victims, with Florida alone having distributed nearly $44 million in 2023.

However, before you breathe a sigh of relief, it’s worth noting that our misfortune is one example of the growingly sophisticated scams threatening our wallets. Worse still, despite altogether valiant efforts from the authorities, the original scam artists still remain at large.

This unfortunate tale of trickery serves as a grim reminder of the risk we face due to ever-evolving email scams. Each day people globally lose an estimated $8 million to such fraud. These crafty cybercriminals use clever hacking techniques to compromise business email accounts, mask their true identity, and ultimately trick us good folks into sending them money.

To avoid falling prey to such scams, always mind your Ps and Qs when it comes to email addresses. Never ever agree to a change of payments without speaking directly to the intended recipient. If you think you’ve been duped, reach out to your bank and consider making a report to the Internet Crime Complaint Centre.

The moral of the story? Always be cautious in the cyber world. Keep your wits about you, and hopefully, you won’t be the star of a future cautionary tale such as this.

by Parker Bytes

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts