Law office scammed by phishing email; U.S. Attorney’s Office uses Civil Forfeiture to Recover $273,082.50

Published 6:37 am Thursday, July 27, 2023

Jackson, Miss. – On July 7, 2023, U.S. District Judge Taylor B. McNeel entered Final Judgment of Forfeiture against all funds held in a Bank First account totaling $273,082.50, announced U.S. Attorney Darren LaMarca.  According to the Verified Complaint for Forfeiture in Rem filed by the U.S. Attorney’s Office, the Bank First bank account—opened in February 2023—had been the recipient of fraud proceeds deposited by the perpetrator of a business email compromise scheme (BEC).

“Victims of fraud often feel embarrassed or ashamed that they were victimized, and often fail to report the crime, fearing that they will appear foolish,” LaMarca said.  “In reality, it is the perpetrators of the fraud who should be ashamed.  Victims should know that people from all walks of life fall victim to criminals using a variety of methods to trick people and steal their money.”

A BEC is a sophisticated scam, often targeting businesses involved in wire transfer payments.  The fraud is carried out by compromising and/or “spoofing” legitimate business email accounts through social engineering or computer intrusion techniques.  It causes employees of the victim company (or other individuals involved in legitimate business transactions with them) to transfer funds to accounts the scammers control.

The complaint was filed April 27, alleging that on March 30, 2023, an employee of the victim—a law firm—received an email purportedly from one of the firm’s clients, falsely instructing the employee to wire transfer funds owed by the firm to the client.  The spoofed email appeared to be from the firm’s client and listed the account to which the funds were to be transferred.

The employee followed the instructions in the fraudulent email and wired funds into the account.  A few days later, the perpetrator of the fraud used $250,000 of the funds to purchase a Wells Fargo cashier’s check and withdrew $50,000 in cash.  Most of these funds were then deposited into the Bank First account.

After a third-party computer company employed by the law firm investigated the wire transfer, the firm discovered that the wire transfer had been sent to the fraud perpetrator rather than the client and contacted law enforcement.

The victim filed a claim in the civil forfeiture proceeding and filed a subsequent answer, in which it explained that it had been the victim of the fraud scheme.  The U.S. Attorney’s Office validated the victim’s claim and asked the Court to enter a Final Judgment ordering the return of the $273,082.50 to the victim and canceling the interests of any other person or entity.

“I want to thank Wells Fargo and Bank First for their cooperation and rapid response which led to a just outcome,” LaMarca said.

The United States Secret Service conducted the investigation. The USAO Asset Recovery Unit team led by AUSA Clay B. Baldwin handled the matter.

Business Email Compromise schemes can be prevented. Here are some tips:

• Independently obtain mortgage payoff statements and confirm with verified and trusted sources.

• Independently verify the authenticity of information included in correspondence and statements.

• Enable Multi-Factor Authentication (MFA) on all email accounts.

• Routinely change passwords.

• Routinely monitor email account access, check for unauthorized email rules and forwarding settings.

• Restrict wire transfers to known and previously verified accounts.

• Pay using checks when the information cannot be independently verified.

• Have a clear and detailed Incident Response Plan.

For more information visit the Secret Service’s Preparing for a Cyber Incident page. To learn more about the Secret Service and efforts to combat Business Email Compromise fraud, please click here.