Business email fraud centered in Atlanta, says study

B.J. Pak, U.S. Attorney for the Northern District of Georgia, has cracked down on business email phishing criminals in Atlanta. JASON GETZ / JGETZ@AJC.COM

Email scammers expand out of Nigeria

Atlanta has earned a dubious title in the cybercrime world — it’s the No. 1 location in the U.S. for criminals who target business owners, according to a new study.

The city is home to an estimated 7% of U.S. criminals who engage in so-called Business Email Compromise fraud, the nation’s highest percentage. In this type of scheme, also called BEC, a criminal impersonates a CEO via email and persuades a worker to transfer company money into fake accounts.

Agari Data, a provider of email security software, conducted the study between May 2019 and July this year. The California company examined 9,000 separate contacts between researchers and criminals, obtaining geographic locations for each fraudster’s IP address. It published the results this week.

The BEC category of email phishing is the largest type of cybercrime, totaling $12 billion in potential losses worldwide between 2013 and 2018, according to the FBI.

It’s not clear why Atlanta is a hotspot, but one reason could be that many payments-processing companies are located here, said Crane Hassold, senior director of threat research at Agari.

“The talent is already living there,” he said.

Global Payments, Elavon and Fiserv are some of the payment-technology companies with large operations in metro Atlanta. Georgia Tech last month opened the School of Cybersecurity and Privacy, which the college says is one of the first of its kind in the U.S.

In addition to Atlanta, the largest hotspots in the U.S. are New York, Los Angeles, Houston and Miami, according to Agari.

In March, the U.S. Attorney’s Office in Atlanta arrested two dozen business email fraudsters responsible for $30 million in losses. Most lived in metro Atlanta.

“Fraud schemes, like the ones perpetrated and facilitated by these defendants, inflict considerable losses on citizens, companies, and the financial system,” U.S. Attorney B.J. Pak said in a news release at the time.

BEC fraud largely originated in Nigeria, although the criminal rings have expanded to the U.S. and other countries as Nigerian law enforcement has cracked down.

Cyberthieves have become more sophisticated in avoiding detection by banks, which are required to report suspicious transactions to law enforcement, said Erich Kron, security awareness advocate at KnowB4, a Florida-based company that provides cybersecurity training. That includes asking for workers' W-2 tax forms or funds held in real estate escrow accounts.

Scammers have also targeted city and county government workers who purchase personal protective equipment and other supplies related to the COVID-19 pandemic, according to the FBI.

The FBI, which operates an online portal to submit potential cybercrime cases, has warned that fraudulent business emails appear legitimate and can even dupe sophisticated workers.

In Other News