The US Financial Crimes Enforcement Network has given financial institutions some advice to help them guard against a growing number of email scams in which fraudsters misappropriate funds by deceiving financial institutions and their customers into conducting wire transfers.

The bulletin, or 'advisory,' also provides a list of warning signals or 'red flags' (compiled with the help of the Federal Bureau of Investigation and the US Secret Service) that financial institutions may use to identify and prevent such email fraud schemes. These are as follows.

• A customer’s seemingly legitimate emailed transaction instructions contain language, timing, and amounts that differ from previously verified and authentic transaction instructions.
• Transaction instructions originate from an email account closely resembling a known customer’s email account, but the email address has been altered slightly by one or more characters.
• Emailed transaction instructions direct payment to a known beneficiary but that beneficiary’s account information is different from what was previously used.
• Emailed transaction instructions direct wire transfers to a foreign bank account that customers have identified as the destination of fraudulent transactions in their written complaints.
• Emailed transaction instructions direct payment to a beneficiary with whom the customer has no payment history or written-down business relationship, and the payment is in an amount similar to or in excess of payments sent to beneficiaries whom the customer has historically paid.
• Emailed transaction instructions include markings, assertions or language that refers to the transaction request as urgent, secret or confidential.
• Emailed transaction instructions are delivered in a way that would give the financial institution limited time or opportunity to confirm the authenticity of the requested transaction.
• Emailed transaction instructions originate from a customer’s employee who is a newly authorised person on the account or is an authorised person who has not previously sent wire transfer instructions.
• A customer’s employee or representative emails a financial institution go give it instructions for a transaction on behalf of the customer that are based exclusively on email communications originating from executives, attorneys, or their designees. However, the customer’s employee or representative indicates he/she has been unable to verify the transactions with such executives, attorneys, or designees.
• A customer emails transaction requests for additional payments immediately following a successful payment to an account not previously used by the customer to pay its suppliers/vendors. Such behaviour may be consistent with someone attempting to issue additional unauthorised payments upon learning that a fraudulent payment was successful.
• A wire transfer is received for credit into an account, but it names a beneficiary who is not the account holder of record. This happens when a victim unwittingly sends wire transfers to a new account number provided by a criminal impersonating a known supplier/vendor.