Email based funds transfer frauds

This article relates to email based funds transfer frauds that you may see described as "business email compromise", "CEO fraud", "CFO fraud" and more.  I wrote an article about it a while back titled "The Cybercrime Scheme That Attacks Email Accounts And Your Bank Accounts" which you can find on this website or at the HuffingtonPost. I also wrote about it in my book, Cybersecurity for the Home and Office, and second book, Cybercrime Investigations.

This is a horrible cybercrime that has victimized many people and businesses. For individuals, it has stolen their life savings, and causes significant stress and feelings of hopelessness. For businesses, it can put them at risk of failure.

This crime occurs when cybercriminals impersonate others, either by compromising ("hacking") their email accounts, or by establishing new, similar sounding emails accounts, or both. Then they trick recipients into wiring funds so that they wind up in the criminal's hands. This is an example of criminal "social engineering" or con-artistry.

First, here are ways we can prevent this crime:

  • Banks:
    • Warn customers about this fraud before they send funds. Ask the customer: "Did you speak by phone with the person who sent you these wire instructions?" Tell the customer "There is a rampant fraud called business email compromise. Please read John Bandler's article on the subject." (I'm kidding about the last part. The bank could write their own summary of the fraud).
    • Detect, shut down, and don't forward funds relating to "money mule" accounts. Money mule accounts receive fraudulently induced wires, then forward them out of the country.
  • Attorneys: Secure your email accounts, warn clients about this fraud, advise clients to verbally confirm any funds transfer instructions.
  • Real estate agents and others: Ditto.
  • All of us, individuals, businesses, etc.:
    • Secure email accounts with strong passwords and two-factor authentication. My articles and book have details.
    • Don't become a money mule. Know who you are doing business with, know your client, know your business partners, know where the money is coming from and going to.
    • Verbally confirm any funds transfer instructions, or changes to those instructions. Don't rely upon emailed instructions.
    • Businesses should develop and improve their cybersecurity (information security) program.
  • Law enforcement:
    • Work more of these cybercrime investigations, follow the money, indict, apprehend, and extradite those profiting from it.
    • Provide victims with a seamless reporting process for cybercrime, and promptly investigate and follow up on these reports.

After this crime has occurred, work fast to try recover funds, or stop them before they leave this country.

  • Call the FBI, local police, report to the FBI's IC3 website. Be politely persistent.
  • Call your bank, ask them to stop and trace the funds. Ask them to confirm they are in contact with law enforcement.
  • Consider hiring someone to help you.

Perhaps understandably, many victims of this crime simply want their money back. They are less interested in how it happened, where the money went, and various details of the crime. Having lost money, few are anxious to spend more money investigating the theft. That said, it is hard to know the path forward without knowing the facts.

For me, the details of these cybercrimes are fascinating. I also believe the details are essential to deciding upon future actions. The era of cybersecurity and cybercrime negligence lawsuits are upon us, but still in their infancy and evolving. Whether a party is negligent or not depends upon the facts and surrounding circumstances, and I believe it is best to learn facts before contemplating litigation. After all, if you have a strong case, this can help negotiations, and you might be able to resolve the matter without any expensive litigation. If you have a weak case, you can save yourself years of stress and expense of an unnecessary lawsuit.

Cybercriminals are always evolving. Prevention is always better than the cure. It is better to avoid the problem than deal with the aftermath. Cybersecurity is important for all of us, our families, and our professional lives. My first book (Cybersecurity for the Home and Office) is comprehensive and can help you understand technology, the privacy and cybercrime threats, and how to secure yourself and your business.  My second book (Cybercrime Investigations) is for after the crime. I can help too.


Before the fraud: see my book Cybersecurity for the Home and Office, on this website and at

After the fraud: see my book Cybercrime Investigations, on this website and at

This article is also available on at

An earlier article on the topic with some nice diagrams is available on this website at and was originally published in the Huffington Post at

Originally posted February 2019. Updated July 2020.