Email scams are by far the costliest cybercrime



EMAIL-SCAMS


© AP
EMAIL-SCAMS

A shopping spree in Beverly Hillsa luxury vacation in Mexico, a bank account that went from $299.77 to $1.4 million overnight. It looked as if Moe and Kateryna Abourched had hit the jackpot, but their sudden wealth didn’t come from some lucky numbers.

In reality, what happened was that a school district in Michigan was tricked into sending its monthly health insurance payments to the bank account of a nail salon owned by the Abourcheds, according to a search warrant filed by a U.S. agent. Secret Service in federal court.

Police say the school district — and taxpayers — fell victim to an online scam known as Business Email Compromise, or BEC, a type of fraud in which Criminals hack email accounts, impersonate another person or institution, and trick victims into sending money elsewhere.

The couple claims to be innocent and has not yet been charged with any crime.

BEC scams receive far less attention than the massive ransomware attacks that have drawn a strong government response, but BEC scams have been by far the costliest type of cybercrime in the United States for years, according to the FBIsiphoning billions of dollars out of the economy while authorities struggle to combat it.

The huge profits and low risks associated with BEC scams have attracted criminals all over the world. Some even flaunt their ill-gotten gains on social media, posing for photos next to luxury cars like Ferraris, Bentleys and piles of cash.

“The scammers are extremely well organized and the law enforcement agencies are not,” admitted Sherry Williams, director of a San Francisco nonprofit organization that was recently duped by one such BEC scam.

US losses from BEC scams in 2021 were nearly $2.4 billion, according to a new FBI report. It is an increase of 33% compared to 2020 and more than 10 times compared to just seven years ago. And experts say many victims never file complaints and the FBI figures are just a tiny fraction of the total money stolen.

“It’s one of the most lucrative things,” said Shalabh Mohan, an executive at cybersecurity firm Area 1 Security.

In the Grand Rapids nail salon case, police say $2.8 million was stolen. The banks were able to recover half of the sum once they discovered the scam, court documents show.

In an affidavit as part of a search warrant application, a Secret Service agent said someone hacked into the email account of one of the school district’s human resources employees and sent emails that persuaded a colleague at the Finance department to change the bank account where health insurance payments were sent.

Emails were brief and courteous. “Please update” the records, one said, using words the real human resources employee never uses, she later told police.

Police traced the money to the bank account of the nail salon owned by the Abourcheds, the affidavit said. Once the theft was detected, Moe Abourched contacted Grand Rapids police and said he had been tricked by a European woman named “Dora” into accepting the funds and sending them to other accounts, according to the police. sworn declaration.

The Secret Service agent said Abourched’s account is false and that he had used a similar ruse on police following receiving money from another BEC scam once morest a Florida storage company.

Police placed the couple under surveillance and in October raided their apartment, offices and BMW, court documents show. Police said earlier this year that they needed more time to examine data on the couple’s cellphones and computers.

The Abourched’s attorney, Kevin Gres, said their clients had not committed any crime and that no charges should be filed. “My clients were unwitting victims in this scheme,” he said.

Leave a Replay