Recently, an employee at one of my clients received an e-mail from one of the company’s owners. It said a wire transfer needs to be made and details would follow. It was signed with just a first name.
This attempted email fraud looked very legitimate – luckily, the recipient noticed a dash in the domain name portion of the e-mail address. For instance, instead of @xyzcorp.com, it said @xyz-corp.com. That guy deserves an “Atta boy!” He forwarded the e-mail to the sender and asked what’s going on.
I did some research and found that this was the crook’s second attempt in a few hours. The first attempt was sent to a person in accounting who doesn’t work there anymore.
A quick WHOIS query told me who registered the fraudulent domain name, assuming that information wasn’t also forged. It should have been, but the crooks may have screwed up there.
I don’t know how this will play out yet, but I filed a complaint with the IC3 (Internet Crime Complaint Center) which is run by the FBI and the National White Collar Crime Center. If I don’t hear from them about this attempted email fraud, I will contact the registrar who registered the domain name and go from there.
If you are the victim, or the intended victim, of cybercrime, go here and fill out the form: http://www.ic3.gov
Follow up: I was never contacted by IC3, so I sent an email to “domain abuse” at the registrar. Within a few hours, they suspended the fraudulent domain.
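The giveaway in this case was a dash added to the domain name, which a mail filter can check for automatically. The following is an added example, not part of the original post: the function names, the distance threshold and the sample From headers are constructed for illustration, and xyzcorp.com stands in for the real domain as it does above.

```python
from email.utils import parseaddr

# Assumption: the organisation's real domain, using the post's example name.
TRUSTED = {"xyzcorp.com"}

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(from_header, trusted=TRUSTED, max_dist=2):
    """Return (verdict, domain, reason) for a From header value."""
    _, addr = parseaddr(from_header)
    if "@" not in addr:
        return ("unparseable", "", "no address found")
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    for good in trusted:
        if domain == good or domain.endswith("." + good):
            return ("trusted", domain, "matches " + good)
    for good in trusted:
        # Dashes added or removed, as in the incident described above.
        if domain.replace("-", "") == good.replace("-", ""):
            return ("lookalike", domain, "hyphen variant of " + good)
        # Small typos or swapped characters; tune max_dist for short domains.
        if edit_distance(domain, good) <= max_dist:
            return ("lookalike", domain, "near match of " + good)
    return ("external", domain, "no resemblance to a trusted domain")

# Constructed sample headers, not taken from the real incident.
SAMPLES = [
    "Pat Owner <pat@xyzcorp.com>",
    "Pat <pat@xyz-corp.com>",
    "Pat <pat@xyzc0rp.com>",
    "Newsletter <news@example.org>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(header, "->", classify_sender(header))
```

A "lookalike" verdict is a reason to quarantine the message or tag it for the recipient, and the flagged domain is what to include in a report to the registrar's abuse contact.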