Business email scams target paychecks, accounts for companies

Danielle Deramo’s small business could have been wiped clean in a growing email scam that costs businesses an average $301 million each month.

Deramo’s partner Stephanie Falzerno opened an email asking her to pay an invoice for the Xenia business. The email appeared to come from Deramo.

Instead, it was a scammer who had both of their names, Stephanie’s email address and a fraudulent request that if followed could have resulted in their marketing firm, Just Say It, depositing money directly to a fraudster. Instead of replying to the email, Falzerno recognized it was sent from an iPad, which Deramo didn’t use, and reported the scam that has targeted the local small business several more times.

»BIZ BEAT: Kroger laying off hundreds of workers

“That would have been devastating for our company because we’re a small company,” Deramo said. “We carry a small balance in our checking account, so if it would have gone through, it could have wiped us out.”

The number of scams against U.S. companies have doubled in the past three years. In 2016 the U.S. Treasury received about 500 reports per month and businesses lost about $110 million each month to the growing business email compromise scams. By 2018, the Financial Crimes Enforcement Network was receiving 1,100 reports a month and businesses lost an average $301 million each month, according to a July report.

Miamisburg-based Secure Cyber Defense has seen increased activity in business email compromise scams in recent months, including some that aim to steal employees’ paychecks.

The scammers have tried to steal the paychecks of some Ohio employees by sending emails that appear to be from company leadership and employees to change the direct deposit account, said Shawn Waldman, CEO and founder of Miamisburg-based Secure Cyber Defense.

On Sept. 23, a Columbus-area employee reported to the BBB scam tracker that $2,100 was lost when a scammer requested to change the direct deposit account number. A similar scam happened at a Dayton business early last month, but the company didn’t follow through with the payment, according to the tracker.

“Unfortunately, you’re not going to know until your paycheck doesn’t show up that day,” Waldman said. “Most of this is just being vigilant with email and listening to your gut and not clicking on things that don’t feel right.”

»RELATED: Retailers catering to customers for cut of growing holiday spending

Scammers are also becoming more sophisticated, not only sending emails that appear to be from a boss, but actually hacking into the accounts of high-level executives’ through phishing scams.

“With the birth or the continued success mainly of things like Office 365, we’ve seen a huge increase in email compromise, specifically the business email compromise,” Waldman said. “Companies are moving to that platform and they’re not securing it properly.”

Once an email is compromised, scammers can monitor all the emails for sometimes months, evaluating communication, lingo and often bank account information. Sometimes the hackers can get into an entire network of employee emails.

Once the perfect scam opportunity pops up, the fraudster cuts off the actual email owner, redirects all the mail to a personal account and starts using the email to scam employees, customers and other executives.

“(The emails) come supposedly from your CEO, from your vendors and suppliers; they come from your company’s executive or Realtors, title companies or lawyers, or maybe it’s a senior employee. So it’s people in authority so to speak,” said Sheri Sword, spokeswoman for the Miami Valley Better Business Bureau. “So sometimes when you get that request you don’t question it. You go ahead and do what you’re being asked to do.”

»BIZ BEAT: Big Lots giving discounts up to $250 this weekend

Some of the biggest scams are through real estate transactions, where hackers will learn the name of a buyer, the closing cost of a property and the Realtor. Once scammers get all the information they need, they use emails identical to company branding to convince a home buyer to wire the often hundreds of thousands of dollars to a fraudulent bank account.

“It’s a great impact on our economy because that’s money lining scammers’ pockets instead of the businesses pockets,” Sword said. Many of the scammers come of Iran, Nigeria and other countries, Sword and Waldman both said.

Wire transfer scam results in an average $35,000 lost. Sometimes scammers will ask for gift cards instead, which average losses between $1,000 and $2,000, Sword said.

Waldman’s company has seen businesses lose millions of dollars, he said. Secure Cyber Defense helped a Cincinnati company recover $900,000 of $1.3 million that had been wired to a scammer’s offshore bank account after an email compromise scam, Waldman said.

“If they don’t call federal law enforcement within 72 hours, they probably won’t get their money back,” Waldman said. “There’s a time clock that starts on off-shore wire transfers. If you can get a hold of the Secret Service withing 72 hours, there’s a high probability that they can call that money back.”


Local Forever 21 store on list that could close in bankruptcy filing

5 things to know about new driver’s license requirement to get on a plane

Magic Castle making large investment in entertainment center

Local Gordman’s stores looking for seasonal workers

JCPenney needs workers to meet holiday demand

By the numbers

$301M: Stolen monthly through email compromise scams

$35K: Lost in average wire transfer scam

72: Hours to call Secret Service to get money back

About the Author