FDIC Digital Sign, using the official FDIC wordmark. This digital sign indicates the deposit institution is backed by the full faith and credit of the US government.
November 1, 2024

CyberSecurity Source | Fall 2024

Cyber Security

Emerging Email Compromise Scams

In today’s digital age, cybercriminals are constantly crafting new ways to access personal information. Among the emerging threats, email compromise scams are gaining traction, targeting individuals to steal valuable assets like cryptocurrency, banking details, or simply to monitor personal activities. While these attacks aren’t as commonplace as other cyber scams, it’s important to stay informed to protect yourself.

Here’s how you can recognize signs of email fraud and what steps to take if your account is compromised:

Signs of Email Compromise

Email compromise can happen subtly. Some red flags include receiving alerts about logins from unfamiliar locations, noticing sent messages you didn’t write, or failing to log in to your account due to password changes. Hackers often avoid locking out the real user right away, making it more difficult to detect the breach immediately.

A proactive step is to monitor your email account’s activity features, available on platforms like Gmail, Outlook, and Yahoo. These options allow you to see where and when your account was accessed. If you see logins from locations or devices you don’t recognize, it’s a red flag.

What To Do If You’re a Victim

If you suspect your email has been hacked, take immediate action. First, reset your password to something strong and unique, combining letters, numbers, and symbols. Consider enabling two-factor authentication (2FA) to add an extra layer of security. Then, review your account recovery options (security questions, linked phone numbers, backup emails) to make sure they haven’t been changed.

You may also want to inform your contacts not to open any links or attachments from emails you may have sent while compromised. Contact your email provider for further support, as they may provide guidance on account recovery and offer additional security tools, like Google’s Advanced Protection Program.

Monitoring Your Email Activity

Regular monitoring of email activity is a simple yet effective way to stay ahead of potential threats. For example, Gmail and Outlook offer ways to view recent logins, IP addresses, and locations, which can help you quickly spot any suspicious activity. You may also consider using identity theft protection products like our idINTEGRITY SCAN, as well as reputable antivirus software that can apply automatic updates to ensure your device has the latest security protections.

Although email compromise scams can be alarming, staying vigilant and informed can help you protect your accounts. Proactive steps like enabling 2FA, regularly monitoring activity, and acting quickly if your email is compromised are essential to maintaining online security.

Staying Safe from Wire Fraud Scams

As business continues to be conducted in the digital space, wire fraud scams are becoming more sophisticated, targeting both individuals and businesses. Criminals are no longer relying on easy-to-spot scams and are instead using clever techniques to impersonate trusted contacts so they can trick recipients into transferring funds or revealing sensitive information.

Understanding the criminals’ tactics, and knowing how to protect yourself, can make all the difference in keeping your sensitive information safe.

What is Wire Fraud?

Wire fraud typically involves "Business Email Compromise" (BEC), where scammers manipulate email addresses to impersonate trusted contacts. By sending emails that appear to come from legitimate sources, such as a real estate agent, they instruct recipients to transfer money or provide confidential information. These scams rely on email spoofing and social engineering techniques to exploit and manipulate email systems.

How Wire Fraud Scams Work

Wire fraud scams follow a general pattern:

1. Target Identification: Cybercriminals often research potential victims through social media or business websites, looking for individuals with financial responsibilities or access to sensitive information.

2. Spoofing & Social Engineering: Scammers create email addresses that look like they’re from legitimate contacts, changing small details that are easy to miss. Posing as someone trusted, they may ask the recipient to transfer funds or download files.

3. The Hook: Once the victim takes the bait, either by wiring funds or sharing information, the money is often quickly moved to different accounts, making recovery challenging.

Recognizing Warning Signs

Keep an eye out for these common signs of a wire fraud attempt:

- Unexpected Urgency: Messages with a sense of urgency or requiring "immediate action" are common in these scams.

- Last Minute Requests for Payment Changes: Be suspicious of sudden changes to payment instructions or requests for personal information.

- Email Anomalies: Watch for email addresses that look almost correct but have small, subtle differences.

How to Protect Yourself

1. Verify Requests: Always confirm payment instructions directly with the sender using a known phone number. Do not respond directly to suspicious emails.

2. Use Strong Security Measures: Activate two-factor authentication on your email accounts and keep all software up to date.

3. Double-Check Sender Information: Hover over links in emails to confirm the URL and carefully review the sender’s email address, paying attention to small differences.

4. Stay Cautious: Treat unexpected messages from unknown sources with caution. Don’t click on unknown links or open attachments unless you’re confident about the sender.

5. Practice Good Cyber Hygiene: Routinely back up important emails and documents, and be mindful of the permissions you grant to apps.

Acting Quickly

If you suspect you’ve been targeted by a wire fraud attempt, act quickly. Contact your bank immediately to report the incident and see how they can assist. Additionally, reporting the scam to the FBI’s Internet Crime Complaint Center (IC3) and reviewing your email security settings can help protect your accounts and make it more difficult for scammers in the future. By remaining vigilant and taking precautions individuals and businesses can better protect themselves from wire fraud scams, ensuring that sensitive information and hard-earned money stays safe.