Cybercriminals are increasingly targeting organizations and individuals by intercepting legitimate email communications and altering wire transfer instructions. This sophisticated form of business email compromise (BEC) has led to billions in financial losses globally. The attackers exploit trust, timing, and lack of verification protocols to redirect funds into fraudulent accounts, often irreversibly.
How a BEC attack works:
- Email account compromise
- Hackers gain access to a legitimate email account (e.g., a law firm, vendor, or executive) via phishing, credential stuffing, or malware.
- Once inside, they monitor communications silently, waiting for financial transactions to be discussed.
- Email interception & manipulation
- When wire instructions are sent or requested, attackers intercept the message.
- They modify the account and routing numbers to point to a fraudulent account, often overseas and difficult to trace.
- Timing & social engineering
- Attackers may impersonate the sender using lookalike domains or reply from the compromised account.
- They often create urgency (“Funds must be sent today”) or confusion (“Use updated instructions”) to bypass scrutiny.
- Funds transfer & laundering
- Once the wire is sent, funds are quickly moved through a network of mule accounts, making recovery nearly impossible.
Warning Signs to Watch For
- Sudden changes in wire instructions, especially close to payment deadlines
- Emails with subtle domain misspellings (e.g., @teamavalon.com vs. @t3amavalon.com)
- Unusual tone or urgency from known contacts
- Requests to bypass standard verification procedures
- Lack of phone confirmation for high-value transfers
Best Practices for Prevention
Email security
- Implement multifactor authentication (MFA)
- Monitor for unauthorized access
- Use domain-based message authentication, reporting, and conformance (DMARC), sender policy framework (SPF), and domain keys identified mail (DKIM)
Verification Protocols
- Always confirm wire instructions via a trusted phone number
Training & Awareness
- Educate staff on phishing, BEC, and social engineering tactics
Vendor Management
- Establish secure communication channels and verification steps
Incident Response
- Have a rapid escalation plan for suspected fraud attempts
If your organization handles wire transfers, especially in sectors like legal, real estate, or finance, you are a prime target. Review your wire transfer protocols today. Ensure that every change in payment instructions is verified independently – not just by replying to the same email thread.
Contact Avalon’s cybersecurity experts now for tailored guidance on securing financial workflows and mitigating insider and external threats.
