Beware of the Latest 'Human Hacking' Scam
Online scams are evolving. Instead of hacking into computer systems, today many scammers engage in what’s called “social engineering fraud” or “human hacking,” exploiting people’s trust and inducing people to disclose sensitive information. One scam in particular, called the “Business Email Compromise,” has convinced many corporate employees to transfer millions of dollars to fake entities. This is how it works, according to a recent blog post from Erik Janitens of Norton Rose Fulbright: the victims get a phone call from a scammer, pretending to be a lawyer or executive. The scammer convinces the person to transfer funds to an international account. The fraudsters are sophisticated: they check social media to find out who is out of town and then create a fake email, impersonating the asker. The FBI estimates more than 12,000 businesses have lost $2 billion to these email fraud schemes since October 2013. To protect against this scheme, Janitens suggests stronger IT systems which detect emails that are similar to company emails but fraudulent. He also says international financial controls need to be tightened and should require multiple people to sign off on a transfer of funds.