FOX 8 Defenders: JP business finds itself in the middle of a serious cyber threat

FOX 8 Defenders: JP business finds itself in the middle of a serious cyber threat

METAIRIE, LA (WVUE) - "There were checks on my desk to sign, and the first one was for $26,450 to a company I've never seen before," Mark Brown explained.

Brown, who co-runs Brown Rice marketing firm in Old Metairie, wasn't just going to sign the business check, so he questioned his firm's bookkeeper about it.

"She's looking at me like I'm crazy, and I'm looking at her like she's crazy," Brown said.

His bookkeeper quickly reminded him the two of them had already gone over that invoice and more than once via email the day before.

"When I said, 'Well show me those emails,' I went to her computer and I went - my eyes got this big, and I'm like, yeah, that's my email," Brown explained.

There was no doubt it was Brown's email, with his business signature at the bottom, including his company logo, address and phone numbers. But Brown didn't send any of those emails.

Someone else pretending to be Mark Brown, through his email, directed the firm's bookkeeper to pay what was described as an outstanding invoice for "professional services" for more than $26,000.

"He (con artist) was having a dialogue with her, telling her as if it were me, telling her write this check, or get this done, or go to the bank and do an ACH and transmit those funds," Brown said.

The back-and-forth emails started the day before and went on for a few hours. The first one said, "kindly pay for this attached invoice and let me know when you are done." Brown's bookkeeper responded, "Pay when? Tomorrow?"  Two minutes later, "Kindly make sure it goes out today, because it's long overdue." As soon as the book-keeper wrote back, "check is ready to print," she got another quick response: "I think they only accept ACH or wire transfer at this time.  We should have that done. By the way the check might take too long as they are threatening."

Keep in mind, Brown's bookkeeper thinks she's emailing with him, her boss, but really it's some stranger who wants her to do an electronic transfer of money from their firm's bank account to another bank account. The emails continued and each time they became a little more intimidating. The firm's bookkeeper writes: "Mark, take the invoice to the bank. The transaction is done through the bank, OK?"  The response: "I don't understand why you can't take it to the bank and do it for us."  Trying to do what her boss wanted the bookkeeper answered, "I will do it now."

But there was one problem.

"The bank wouldn't allow her to do it without me or my partner's approval. Thank goodness!" Brown said.

That's when she got the business check ready for her boss to sign the next day. At that point, it was like a light bulb went off for the real Mark Brown. He remembered getting a questionable email earlier that week.

"I had gotten that email that Monday from a friend who normally doesn't send me emails, and the email said, 'Hey Mark, open this.'  So I forwarded that email back to him thinking, I'm computer savvy, I know better than this. And I said, 'Did you send me this?' And it immediately came back to me and it said, 'Yes,'" Brown explained.

Brown clicked on the attachment, and while his computer security warned him, he over-rode it. It turns out, there was no document, so Brown went on about his day and just forgot about it. Realizing this may be how the scammer invaded his business email, he picked up the phone and called his friend who sent the email.

"When I called him I said, 'Do you remember sending me an email last Monday?' And he said, 'No, but I have a feeling what you're gonna tell me.' And his company almost fell for the same scam also. They did the ACH for $26,000, but somebody in the office recognized it and had it reversed that afternoon," Brown said.

A partner in his marketing firm and member of the Better Business Bureau's board, Brown wants every business to hear this warning.

"These individuals are very intimidating. They want their money now, and they don't wanna fool around. They may even act as a boss and indicate that if you don't do it immediately, that you could lose your job. We've heard of cases like that," said Cynthia Albert with the BBB.

She says the scam is a combination of what's known as phishing and 'spoofing.

"Phishing, of course, they're fishing for your money. Spoofing, they want you to think it's somebody else," Albert explained.

"If they have lost some kind of financial, meaning money, time is very important, so I encourage them to call the FBI immediately, and the next call is to their bank," FBI New Orleans Special Agent-in-Charge Drew Watts said.

The FBI calls the cyber crime a BEC or Business Email Compromise, a fast-growing trend estimated to exceed over a billion dollar loss in the U.S. alone.

"The actor (con artist) gets into some type of email account whether it be Yahoo or Gmail, some kind of communications, and they get in there and they may sit there for a while. They determine your tendencies, figure out who you're talking to, they get into your Outlook accounts, they figure out who are all of your contacts and they become you. They send emails on your behalf and you don't even know it's taking place," Watts said.

In some cases, he said an unauthorized wire transfer happens.

"That money can be tracked to that next destination. Now whether it stops at that bank or moves to the next, that's when we (FBI) have to get involved," explained Watts.

In Mark Brown's case, the con artists provided a checking account number and routing number for a bank out of Pittsburgh. The FBI has had some success in recovering money, but tracking the bad guys can be tough with many of them outside of the country.

At the FBI's New Orleans division, computer scientists are part of a computer analysis response team, inspecting computers to try and track down intruders.

"If someone in our office through office email is telling you something and it doesn't sound right, and it sounds like something they wouldn't do, let's get a verbal. Let's talk to each other," Brown said.

Because in the back and forth emails, the con artist used the words "kindly do this" a couple of times, and Brown says that's not how he talks.

The BBB and FBI both say that should be number one in prevention. Besides having a couple ways to verify a wire transfer like a phone call, the FBI suggests you change your passwords regularly, maintain your network and have an action plan in case your business falls victim.

It was a frightening experience Mark Brown and his employees hope all businesses take seriously.  "I felt like my computer and my office had been invaded," Brown said.

Click here to file a complaint with the FBI.  These complaints go to FBI headquarters and are then directed to the closest field office.

The FOX 8 Defenders staffed with volunteers from the National Council of Jewish Women, the NCJW, also field consumer complaints at 1-877-670-6397 or you can fill out an online complaint form.

Copyright 2017 WVUE. All rights reserved.