According to the FBI, since January 2015, there has been a 270 percent increase in the number of victims of email fraud and exposed loss, with nearly 8,000 complaints filed and over U.S. $268 million lost in 2015 alone. Email fraud—which typically involves hacking into a company’s IT systems and using spoof communications to induce an employee of the company to initiate unauthorized international wire transfers—has affected individuals in all 50 states across the U.S. and in 79 countries globally. And although funds have been fraudulently transferred to at least 72 different countries, the majority of transfers are to banks in Asia, predominantly Hong Kong and China, as well as certain Eastern European and African countries, according to the FBI and U.S. Department of Justice (DOJ).
But while the U.S. Department of Justice has published “best practices” on how to respond to a cyber-attack, the U.S. government has offered little guidance on what steps a victim should take to recover stolen funds. The following is a step-by-step guide of what a victim of email fraud should do to maximize the chances of recovering stolen funds. Ideally, each of these steps should be undertaken simultaneously:
