- September 1, 2017
FOR IMMEDIATE RELEASE
For more information contact
(download a pdf here)
Recent E-Mail Hacks and Wire Fraud Scams in Our Area.
How to Help Protect Yourself.
September 1, 2017
Wappingers Falls, N.Y.–Stenger, Roberts, Davis & Diamond, LLP (SDG Law) would like to make you aware of a state-wide scam that has been occurring. People are receiving wiring instructions from persons imitating their attorney or other persons engaged in Real Estate transactions. In this scam, the individual’s e-mail accounts are compromised which allow the hacker to gain information such as closing date, purchase price and identity of the various parties.
In one variation of this scam, someone claiming to be the buyer’s lawyer (or law firm staff) sends the client an email, from an email account that closely resembles the real attorney’s email address, requesting that the client send a wire transfer purportedly to the attorney’s trust or escrow account. Often, the hacker sends innocuous emails with general closing instructions first (such as remembering to bring identification to the closing) to gain the client’s trust, so the client does not think that the ultimate request for the wire is unusual. The client then sends a wire transfer to an account that the hacker directs them to, which is a totally unrelated bank account, often in a different state. Once wired, clients may not be able to get these funds back.
What you should know to reduce the risk:
- Most importantly, do not, under any circumstances, send money via wire, credit card, Paypal, or otherwise without verifying the recipient is legitimate.
- Take notice if the language in the email is different than usual. Look for unusual use of words, grammatical mistakes, or reference to events or parties that are not part of your transaction.
- Check the email address used as the “from” in the email to make sure it is identical to email addresses you have used for a person in the past. Hackers often add periods or other punctuation or add additional words to the email address or domain name (e.g. changing firstname.lastname@example.org to email@example.com”) to change email addresses. Do not rely on the name (e.g. “Mary Smith”) being the same as the name of the contact.
- Be careful not to click links that seem questionable or are not for anything you have requested. Most e-mail programs offer you the opportunity to review the link before you click on it so you can see the address.
- Be very careful not to send e-mails with information about your transactions/cases that if read, could easily be compromised. A telephone call to relay sensitive information is always best.
If you are a SDG Law client, please call our offices any time you receive an email wire request that purports to be from us or if you receive any other suspicious email. 845-298-2000.