The FBI Denver Division has received an increase in “business e-mail compromises” complaints. The fraud occurs when the controller, treasurer, or accounting officer at the business receives an e-mail that appears to be from the company executive. The e-mail is a request that a wire transfer be sent. The fraudulent e-mail appears to have originated from an executive within the company or appears to be an e-mail chain forwarded from company executives. The e-mail includes an attachment with instructions for the wire transfer.

The domain name used to send the fraudulent e-mail is similar to the company’s domain name with a minor change. The domain name used for the fraudulent activity will contain an additional letter or number in the middle of the company’s name. The following is an example of a changed domain used for fraudulent activity: the domain name of the business is “legitimatecompanyABC123.com,” and the domain name used to commit the fraud is “legitimatecomipanyABC123.com.”

The following are examples of e-mails used to commit the fraud:

Bob,

Process a wire transfer for $277,281.49 to the attached account information. This should be coded to Professional Services. Send me the confirmation when done.

Thanks,

Tom

Sue,

Process a wire transfer for $354,017.93 to the attached instructions, code to admin expenses. Send me the wire confirmation once done.

Jill

On June 26, 2014, the Internet Crime Complaint Center issued a scam alert with additional information about business e-mail compromises.

On December 2, 2013, the FBI furnished information about a similar fraud targeting businesses in the Seattle area. The release, “‘Man-in-the-E-Mail’ Fraud Could Victimize Area Businesses" is available on the FBI website.

Companies that are victims or intended victims of the above fraud are encouraged to report the incidents to the Internet Crime Complaint Center (IC3) at www.ic3.gov.

The following information should be included in the report to IC3:

• Header information from e-mail messages
• Identifiers for the perpetrator (i.e., name, website, bank account, e-mail addresses)
• Details on how, why, and when you believe you were defrauded
• Actual and attempted loss amounts
• Other relevant information you believe is necessary to support your complaint
• Reference to the business e-mail compromise