Security alert: Wire Transfer Fraud and Doppelgänger Domain Name Campaigns

Posted on Monday, June 26, 2017

Investigating wire transfer fraud

Wire transfer fraud and Doppelganger domain name campaigns are currently significant and common risks in Canada. Read more about these threats so you aren’t a victim!

According the Competition Bureau:

  • From January 2014 to December 2016, Canadian lost over $290 million to fraud
  • In 2016, online scams accounted for more than 20,000 complaints and more than $40 million in losses

Wire transfer fraud

Deceptive email domains or compromised email accounts will send invoices or request payments to specific individuals in large organizations. Because these are targeted attacks, they are less likely to be detected by spam filters. Cyber-criminals target businesses, such as the University, that process large volumes of invoices hoping they will pay the fraudulent invoices without much scrutiny. For example, demand of payment for supplies that were never ordered/delivered.

Doppelganger domain name

Legally registered domain names that are nearly identical to legitimate websites are used, oftentimes in conjunction with the wire transfer fraud, to convince organizations to process payments. These fraudulent domains are easily perceived as legitimate, and give credibility to requests for payments. For example, for the fictional example, a cyber-attacker might use the doppelganger domain name, replacing the “l” with a “1” in efforts to elicit a payment.

Protect yourself

  • If you often receive and process payments, read more about these threats so you are well informed and can be vigilant in spotting these attacks
  • Be wary about unsolicited emails particularly those requesting payments or expressing urgent action
  • Ensure your processes reflect careful review of payments
  • Contact the organization if you are suspicious about the email or invoice
  • If you processed a payment to a fraudulent account, immediately contact Financial Resources to see if the payment can be stopped.
Back to top