We constantly write about this particular China bank scam because our international lawyers constantly get contacted by smart companies that have fallen victim to it. I personally received two emails in the last month from companies bilked out of between $65,000 and $155,000.
Last year the Wall Street Journal wrote about how there has been an increase in criminals breaking into email accounts and changing bank-account information to capture payments intended for suppliers:
The increasing prevalence of the schemes has drawn the attention of law enforcement. Attackers who once pretended to be executives directing subordinates to transfer money are using new techniques, including malicious software to break into email systems and redirect the payments, said Rick Alwine, a supervisory special agent with the Federal Bureau of Investigation’s Cyber Division.
And as the Wall Street Journal noted, these bank account scams are increasing and most involve China:
In an analysis of 44 recent fraudulent transfers, 84% of the transfers went to accounts in China and Hong Kong where it is more difficult for victims to recover their money, the FBI alert said. The FBI says it has logged nearly 18,000 reports of business email scams since 2013 accounting for $2.3 billion in losses, and complaints about these scams more than tripled last year, compared with 2014.
The Wall Street Journal describes these scams as follows:
When the buyer sends an order, the scammers step in, ultimately intercepting the seller’s invoice and changing payment instructions before sending it back to the buyer. With the modified invoice, funds are sent to the criminals instead of to the seller.
This scam usually involves your regular Chinese supplier asking you to make a payment or payments to a new bank account, though it sometimes can involve your very first payment to a new Chinese supplier. Then even after you make the payment or payments, your China supplier insists you still owe it the full amount (oftentimes with added fees) because it never received your payment. When you explain to your China supplier that you in fact did pay it, your supplier points out that the bank account to which you sent the funds is not theirs and that you still owe the money.
The Wall Street Journal article then discusses how easy they can be to pull off and how difficult they are to stop, but provides no solutions;
True business email compromise is almost invisible to both victim companies involved in the transaction,” he said. “It’s going to take a lot more effort to stop it than a simple reminder to phone the CEO before wiring money on his behalf.
But there are solutions and they do involve a lot more than reminding your people “to phone the CEO before wiring money on his behalf. We advocate every business do the following to minimize its chances of falling victim to this common scam:
1. Get to know your suppliers who speak English (if you don’t speak Chinese) and get your supplier’s landline phone numbers as that cannot be hacked. Call if you have any concerns.
2. Get your supplier’s bank account information in advance and ask them to refer to “bank account information document” on their invoices, rather than listing out full bank details every time.
3. Check your bank account every day, maybe even twice a day. If you catch a wire early enough you can sometimes stop it.
4. Do a first small wire to confirm the account.
5. If possible, paying your Chinese suppliers to their bank accounts in mainland China as that is generally safer than paying them overseas, be it Hong Kong, Taiwan or anywhere else.
6. Have a special procedure set up with your suppliers for confirming bank account changes .
7. Have an internal procedure for confirming all payments over a certain amount.
8. Get an insurance policy that covers computer hacking or fraud and make sure it covers this sort of scam. We actually have had good luck convincing insurance companies that they need to pay off on such policies.
What can you do if you have already been victimized? We do the following when retained by a company victimized by this fraud:
1. We determine whether there are any insurance claims to be made. This is usually your best chance of recovering all your losses, but do not expect your insurance company to pay without a fight. We help by explaining to the insurance company how these scams happen and why you are entitled to coverage under your policy and we get the Chinese supplier to help as well.
2. We try to get some monetary contribution from your Chinese supplier by letting it know that it was (or might have been) their computer system the scammer hacked and therefore it should pay at least some of our client’s loss. Much depends on our client’s relationship with its Chinese supplier and on what the Chinese supplier perceives its future relationship with our client will be.
3. We work with our client to minimize problems with its Chinese supplier and if that relationship needs to be severed, we counsel them on how to do so without creating all sorts of new problems. See Why Changing China Suppliers Can Be So Risky.
4. We seek to determine if there is any chance to recover anything from the perpetrator. This is an expensive and time-consuming process and there must be a lot of money involved for it to make much sense. Nonetheless, we find that our at least having run this option to ground helps immensely in dealing with both the Chinese supplier and with our client’s insurance company, neither of whom want to pay anything until they are convinced that our client has done everything it could do to try to recover from the crooks themselves.