Wire fraud is on the rise. Health care providers engaging in transactions, whether operational or financial, need to remain aware of crimes involving compromised emails and fraudulent wire transfers.

Financial crimes involving wire transfers are, sadly, very common. The criminals are seldom caught because they don’t even need to be in this country. All they need to do is worm their way into someone’s email, monitor it quietly and send bogus wiring instructions at the last minute.

With wire fraud, time is not your friend.  A wire transfer overseas can only be clawed back within a short time frame and it usually takes input from the FBI to make that happen.  As a rule, if more than 72 hours has passed with an overseas transfer, there is very little hope.  Unfortunately, victims of fraud tend to prevaricate for some time, perhaps unwilling to accept the enormity of what just happened or they are embarrassed and in denial.  They take too long to call.  With the underlying delay in detection and the slow response, the window to respond is often all but closed.

Here are tips to protect your organization if you feel you have been a victim of wire fraud:

1. Alert your bank. They will often need to issue a hold harmless letter to the receiving bank; because ultimately, the receiving bank is being asked to go against the interest of the account holder, which violates that bank’s fiduciary duty. Make sure the victim’s bank issues this letter and alerts the receiving bank. Get this in writing. If there is a transaction number, get that as well.

2. Tap into the IP department to access the firewall and obtain technical information such as headers of the emails and relevant IP addresses.

3. Gather all documents associated with the fraud and have them readily available. Better yet, get a copy of them as attachments rather than as forwarded messages; so that you can capture and collect the header information to supply to law enforcement.

4. Note the amount of the transfer, your bank information, the name and address of the recipient’s bank and the name of the recipient’s account. Make sure you have the following financial information:
a. The name and address of the victim
b. The amount of the transfer
c. The victim’s bank’s name and account number
d. The address of the victim’s bank.
e. The name and address of the recipient bank
f. The name of the recipient’s account
g. The bank routing number, account number and SWIFT code for the recipient bank.

5. Call the attorney who supports your cybersecurity. If you can’t reach him or her, visit the federal site IC3.gov for reporting these crimes. This site will allow you to alert the authorities of the fraud and start the claw back process. The form will also ask about the nature of the crime, so be prepared to describe it. You should print a copy of the form once completed because the way this site works, you will not be able to see it again.

6. Reach out to the FBI office that covers your region.

To learn more about our legal and technical support to protect your organization’s assets and business interests, including our rapid response team, visit our Cybersecurity Protection and Response page.