Payment fraud on the Internet – what to do?

Act fast!
"Haste makes waste", as the saying goes, but sometimes the opposite is true: in cases of CEO fraud and payment diversion, speed is of the essence. Perpetrators operate on the Internet and make use of its speed; crossing national borders is part of their criminal plan and is intended to make it as difficult as possible for injured parties to recover the assets they have been deprived of. The only way to counteract this is to act quickly and purposefully. Therefore, please proceed in accordance with the following recommendations, which in our experience provide the best opportunity to repair or at least reduce the damage you have suffered or to prevent damage from occurring in the first place:

1. Inform your bank of the incident IMMEDIATELY, enclosing all available documents.

  • Request that the transfer not be executed (1).
  • If the transfer has already been executed, please ask your bank (and possibly also its management) to immediately inform the recipient bank via a SWIFT message (2) of the suspicion of a criminal offence and ask it to return the amount and to file a report of suspected money laundering.
  • Request that your bank provide you with a copy of the SWIFT message (2) for your records.

2. Ensure that no further payments are made and that any e-mails you continue to receive from the suspected offenders are presented immediately to the appropriate authority in your country.

3. Back up all available documents that may be directly or indirectly related to the incident, electronically and in paper form, including

  • e-mails
  • account statements
  • transfer orders
  • phone memos, etc.

4. File a criminal complaint with the responsible public prosecutor's office, enclosing all the documents available to you.

  • Coordinate the next steps with them, especially with regard to requests for mutual legal assistance abroad.
  • Request the file number and, if possible, the name of the responsible employee at the public prosecutor's office and provide us with this information.

5. Remind your employees of our fraud alert and ask them to look out for the following warning signs:

  • New participants suddenly appear in an existing e-mail exchange.
    – Check the e-mail addresses.
    – Perpetrators often use e-mail addresses that resemble a real one that you think you know, but that differ from it by individual letters or characters.
  • Be suspicious if you receive an e-mail from a member of the management asking you to make substantial payments abroad. Have the order confirmed by other means, even if you are asked to maintain confidentiality and disregard official channels.
    – Often payment processing is referred to a lawyer's office, which will then contact you for further instructions.
    – Check whether the law firm and the lawyers acting for it even exist. The involvement of a law firm serves to exert additional pressure and to create the appearance of legality and seriousness of the alleged transaction.
  • Be suspicious if a business partner wants a payment to be made to an account other than the one you have been using for many years. Have this confirmed by your client's contact person by post. Under no circumstances should you use the contact details contained in the suspicious e-mail for your inquiry.
  • Often the perpetrators will try to obligate you to maintain secrecy by referring to the involvement of German authorities, for example BaFin (3).
    – Pay attention to the spelling of the names of the alleged BaFin employees (3). These are often borrowed from English.
    – As a rule, BaFin and other authorities do not have jurisdiction over the alleged transaction at all; here again, mentioning BaFin or other authorities serves only to exert additional pressure and create the appearance of legality of the alleged transaction.
(1) As a general rule, the transfer will already have been executed by electronic banking.
(2) Banks communicate worldwide via the standardised SWIFT system, with which messages can be quickly and securely exchanged between banks.
(3) BaFin = Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht)