This is how thieves trick customers into wiring money to them

This lawsuit explains a prevalent scam.

More and more companies and their clients are falling victim to scams in which the customer wires money to the wrong account. A typo domain name is often involved.

For a simple explanation of how this works, take a look at this lawsuit (pdf) filed by law firm Revision Legal. In the suit, it explains:

12. On or prior to May 14, 2019, Defendant obtained improper and unauthorized access to Client’s email system.

13. Defendant then located emails between Plaintiff and Client pertaining to Client’s outstanding balance with Plaintiff for legal services.

14. Defendant then Defendant (sic) registered the “Infringing Domain” (revisoinlegal.com) which is a typosquatting registration as it transposes the “o” and “i” in “revision” and is intended to appear as Plaintiff’s URL, revisionlegal.com.

15. Defendant then inserted himself in the email thread while removing Plaintiff’s attorneys from the email thread.

16. Defendant then emailed Client falsely informing Client that Plaintiff was changing how it was accepting payments and attached an altered invoice instructing Client to send payment via wire transfer to Premier Bank, located at [removed] (“Fraudulent Account”).

17. Client, believing this information was accurate, wired in excess of $25,000 to the Defendant’s Fraudulent Account

Ouch.

A private equity group I invest with informed clients of a similar scheme perpetrated against it this year. Fortunately, a client noticed discrepancies in the email before becoming a victim.

It seems that email is the first line of defense. The perpetrators need to get into email to find out who the company’s clients are.