A bank transfer scam such as the Revolut scam occurs when a fraudulent party deposits funds into the victim’s bank account. Here some examples.

1. Phishing

These scams are known as phishing and trick victims into providing sensitive information, such as username/password combos that can lead account takeovers or identity theft. Attackers can launch scams by email, instant messaging or text and make it look like the scam is coming from an official source such a bank.

A spear phishing attack is a version of phishing that is targeted at specific individuals. Typically, this includes executives and members of boards of directors. These attacks use email to impersonate the victim’s boss or someone with executive responsibilities and request large wire transfers from other employees. Attackers can also use targeted phishing to gain access to the victims’ networks. This can be accomplished by downloading keyloggers, which record computer activity on the victim’s end and send that information to attackers. The attackers can then access confidential data, including username/password combinations that can be used to commit wire transfer fraud.

Phishing is the most common way criminals obtain your bank account number or any other confidential information. The thieves can use this information to create a fake site that looks like a bank or financial institution. When the victim clicks on a link in the phishing message, they’re directed to a malicious site that asks them to enter their username/password, which allows the attacker to access the victim’s account.

2. Social engineering

Social engineering tactics are used by criminals in order to trick employees, customers, and vendors into disclosing confidential information, or to commit fraud that puts the victim’s finances at risk. They often do this by emailing or calling the victim. These schemes include Business Email Compromise (BEC) fraud, which is costing corporations billions of dollars a year. They also involve impersonating a trusted official, such as the CEO of an organization, and requesting money or information.

In order to create a sense urgency, it is common for people to show that an information or offer is limited in time. Another strategy is posing as someone the target knows, such as a coworker or vendor. Pretexting is a technique that can be used to trick a target into transferring money or granting access to their network. Criminals can also create a phishing site that spoofs the target’s bank or an online auction site.

These tactics are effective, because it is much easier to fool a person into trusting a product than it is to crack software or crack a password. That’s why it is important for FIs to have policies and practices in place that allow them to assist customers who fall prey to these attacks. It is important to have staff who are trained to treat those who lose money in a scam with respect and empathy, as well as to understand how fraudsters managed to pull off the deception. To stay on top of fraudsters’ latest tricks, banks should review and update the messages they send to their customers.

3. Fraudulent emails

Fraudsters target people they have developed a relationship with online. For example, they might pose as a trusted contact in the victim’s organization, an executive or a vendor. They may insist that there is a pressing need to transfer money immediately and repeat this request repeatedly. Attackers could even impersonate government agencies or attorneys. This type fraud is called Business Email Compromise.

A variation on this scheme, also known as advance fee fraud, involves fraudsters telling victims that they have won a lottery or sweepstakes and ask for money to be wired in order to collect the prize. The “Nigerian prince” scam is another variation of this kind of fraud.

In some cases a victim may be targeted through dating sites or social media. The perpetrators will create an emotional connection before requesting wire transfers. This type of fraud is sometimes referred to as social engineering, and it can involve a combination of tactics like hacking and identity theft.

To prevent bank transfers fraud, Treasury Management professionals can train their staff to recognize red flags within fraudulent emails and other communication. They can also implement an additional verification process for all requests to wire money, using a telephone number that does not appear in the payment instructions. In addition, they can use policies and procedures that help reduce risk, including dual control and segregation of duties for critical transactions. They can use rules based machine learning in order to detect patterns that are unusual. If these behaviors are detected, transfers will be stopped.

4. Cybersquatting

Cybercriminals go further than mistyping a name to hijack a domain belonging to an organization or individual and use it in their own interests. This is known as cybersquatting.

The term “cybersquatting” applies to the registration of a domain that uses someone else’s trademark in bad faith, according to the Internet Corporation for Assigned Names and Numbers (ICANN). It does not apply if the domain name is being used in good faith or for a legitimate reason.

Cybersquatting involves using a domain to trick people into sending money to fraudulent accounts. Fraudsters do this by impersonating a creditor, electricity supplier or even tax authorities and claiming that their bank payment details have changed. Fraudsters ask their victims to transfer money to a criminals’ account.

Other examples of cybersquatting involve using a brand name to generate revenue from search engines and phishing scams that target unsuspecting consumers. In the second example, hackers will register the name or brand of a company or product to lure consumers to fake websites that are designed to collect passwords and personal information.

5. Cybercriminals

Cybercriminals are hackers, who break the laws to commit crimes. They use technology, social engineering tactics and pressure tactics to steal sensitive information and money from victims over the internet, phone or email. Hackers may use phishing, computer hacking, or network penetration in order to gain unauthorized access into systems. Insider threats, such as rogue employees who steal payroll funds or corporate information, can also be used to manipulate company accounts. Legislation dealing with cybercrimes can be general in nature or sector-specific, like the Gramm-Leach-Bliley Act (GLBA) which focuses on financial institutions.

Regardless of the method used, cybercriminals work in groups to build tools, software and access to information or data for their own criminal purposes or to sell to other hackers. Cybercriminals are black-hat or “white-hat” hackers who sell hacking software and services online. They may also be criminals that steal personal information in order to commit fraud. This includes phishing scammers who steal identity, cyberterrorists, or identity thieves who use their skills for monetary or political gain.

Wire transfer phishing is one of the most common forms of cybercrime and can result in huge losses. The scammers will often impersonate leaders of businesses or government agencies to convince the target to deposit money into their bank account. The fraudulent transfer instructions usually come with false invoices or other documentation that is meant to fool the victim. Once the money is sent, it is nearly impossible for them to be recovered. The scammers then transfer the funds into their own bank accounts as well as those of money mules around the world.