How to stop email fraud, the costliest cybercrime

How to stop email fraud, the costliest cybercrime
Jeff Elder, 23 May 2019

Could one keystroke cost you $200,000? That happened to a homebuyer who didn't spot a misspelling in a fraudulent email address



Call it the Case of the $200,000 Typo.
A cybercriminal created an email address that was one subtle keystroke different from the email address of a real estate title company. The fraudster then emailed a homebuyer from that similar email address – [email protected] instead of the legitimate [email protected]. (See the tiny difference in the word title?) Accustomed to receiving emails from the title company, the homebuyer followed instructions in the email and wired the down payment for a house – to the criminal.  
“The funds were quickly routed out of the country before the victim realized it, and before they could report it to us,” says FBI Special Agent Kelsey Harris. “The loss in that incident was close to $200,000.”
Would you have caught that typo? Many people do not. In 2018, the FBI received 20,373 complaints of criminal email compromises with losses of over $1.2 billion, making it the most costly form of cybercrime. As in this case, the scam is frequently carried out when a criminal compromises legitimate business email accounts and then emails consumers or businesses to steal money or data. The business emails that are compromised are used to commit crimes – sometimes on an enormous scale.
A gang of Chinese fraudsters recently stole $18.6 million from an Italian company by convincing local managers in India that the money was needed for an acquisition, according to Indian police quoted in the Times of In ..