IMGCAP(1)]In the past few months there has been a significant increase in the frequency of wire transfer scam attacks against accounting firms, according to Rickard Jorgensen, president of Jorgensen & Company, with more than a dozen CPA firms successfully targeted.
The fact pattern is simple, he observed.
“A CPA receives instructions from a client to wire funds, often to a new or overseas vendor. The request is usually communicated via email because the client is busy or is traveling or is in some other way not able to talk directly to the firm. The email appears to be legitimate and follows the usual tone and style of the client.”
After making the transfer in accordance with the emailed instructions, the accountant discovers that either the client’s email was hacked or that the email that requested the transfer was spoofed (that is, the email address is slightly different than the client’s email—usually by just one letter).
“Sometimes, the criminals even have the ability to produce a letter of authorization for this unauthorized wire request,” said Jorgensen.
While every attempted fraud is not exactly the same, there are certain common traits, he indicated.
Jorgensen said to be on the lookout for:
“Rush” requests—often, fraudulent requests insist that the funds transfer must happen as quickly as possible, due to some sort of emergency or purchase.
Not available by phone—the “client” states they cannot be reached by phone to confirm the request, but can do so at a later date.
Bad wording—the request includes unusual phrases, grammatical errors, and incorrect punctuation, spacing and/or capitalization.
The nature or amount of the expense is out of the ordinary, e.g., not one of the usual monthly expenses, or it’s a new vendor or a higher than normal disbursement.
The magnitude of these frauds is getting larger, Jorgensen noted. “One theft from an escrow account netted $440,000 and in a subsequent lawsuit against the bank, the client lost,” he said.
“A new twist is that the criminals are sending fraudulent emails that look like they are from company executives and request that large wire transfers be coded to’ a department within a company,” he cautioned.
FBI spokesman Dave S. Joly explained how the scam may unfold. “Messages are addressed to the company’s controller, treasurer or accounting officer and contain an attachment with detailed instructions,” he said. “The sender’s email address is usually similar to the company’s domain name or handle, with a single extra letter or number inserted. For example, the email address yourboss@legitimatecompany.com may be replaced by yourboss@legitimatecomipany.com.
Jorgensen recommends good risk management practices to combat mail-based wire fraud:
Ensure your firm has up-to-date policies regarding email-based wire requests, and that every firm member is aware of these policies.
Require verbal confirmation of every single email-based money movement request through a phone call to the client.
When speaking with your client, make sure the voice and behavior are in line with the voice and behavior of your client.
Require that more than one person in your office review all wire requests before they are sent for processing.
Notify your manager or partner if you suspect any fraud or fraud attempts.
“If you believe your firm or client was a victim of a scam, file a complaint at