Phishing Attacks and Your Business – It’s Not Just Nigerian Princes Emailing You Anymore

Phishing scams, or fraudulent emails used to acquire banking and personal information, are getting more sophisticated. General emails blasted to thousands of email addresses by a Nigerian Prince wanting to share $10,000,000 with you are still out there on the web; however, other schemes are hitting closer to businesses.

Spear Phishing is a type of fraudulent email that is directed towards a company and its employees. The scammers take great care in doing their research on the company organization and its employees. Think for a moment. Most companies allow, and in fact encourage, employees to create social media accounts to promote business and branding opportunities. Would a search of LinkedIn or your webpage provide information on your employees, your company, and institutional knowledge of management and operations? This type of information is extremely valuable in a Spear Phishing attack on your company. “Whaling” occurs when the targets of the Phishing attack are employees at the executive level.

Eide Bailly LLP computer forensics has been engaged to trace several of these Spear Phishing attacks where hundreds of thousands of dollars have been lost by companies and banks. Here is how some of the more recent schemes are performed.

Typically, someone working in a company’s finance department receives an email that appears to be from a high-level executive of the company. The email signature is correct, and the format and font are the same as the company’s. The appropriate logos are also present. The email, usually proclaiming some urgency in paying an overdue invoice, or a need to transfer funds, directs the lower-level employee to transfer a fixed amount of money via wire or bank transfer to a routing and account number provided by the Phishing email. The employee, believing the email is legitimate, performs the money transfer and replies back to the email that funds were sent.

The problem is the email never came from the company executive. Close inspection of the email address revealed a single character difference. As an example, eidebailly.com becomes eidebaily.com. The funds are now gone, and the likelihood of a Federal criminal investigation into the theft is minimal unless substantial funds are lost. That is why the Phishing scheme typically deals with amounts of money that would not normally raise concerns to the email recipient in payroll or finance.

Companies should review policies dealing with ordinary, and out of the norm, requests for the wire transfer of funds. Policies should include independent verification with the source of the request, either by company phone line or by initiating an email using the company directory email address. A reply to the original email would only go to the Phishing suspect.
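
The single-character domain difference described above is something a mail filter can flag before the message reaches the finance department. The following is an added example, not part of the original article: it compares the From: domain of a message against the company's real domain using edit distance. The sample messages, addresses and the function names are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# The organisation's real mail domain(s); taken from the article's example.
TRUSTED_DOMAINS = {"eidebailly.com"}

def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = int(a[i - 1] != b[j - 1])
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]

def classify_sender(raw_message, max_distance=2):
    """Return (verdict, sender_domain, closest_trusted_domain) for the From: header."""
    msg = message_from_string(raw_message)
    _, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    if domain in TRUSTED_DOMAINS:
        return ("internal", domain, domain)
    for trusted in sorted(TRUSTED_DOMAINS):
        # Close to a trusted domain but not equal to it: treat as a lookalike.
        if 0 < osa_distance(domain, trusted) <= max_distance:
            return ("lookalike", domain, trusted)
    return ("external", domain, None)

# Constructed sample messages (headers only matter here).
SAMPLE_SPOOF = "From: Executive Name <exec@eidebaily.com>\nSubject: Overdue invoice - wire today\n\nPlease send the funds."
SAMPLE_REAL = "From: Executive Name <exec@eidebailly.com>\nSubject: Budget review\n\nSee attached."
SAMPLE_VENDOR = "From: Billing <billing@example.org>\nSubject: Statement\n\nMonthly statement."

if __name__ == "__main__":
    for raw in (SAMPLE_SPOOF, SAMPLE_REAL, SAMPLE_VENDOR):
        print(classify_sender(raw))
```

A "lookalike" verdict is a reason to hold the message and verify the request through the company phone line or directory address, as the policy above recommends; it does not replace that verification.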

 

Digital Divorce: How Computer Forensics Can Influence Your Client’s Case

Computer forensics and eDiscovery can play an important role in the outcome of your client’s divorce or family law case, revealing key details that might otherwise remain buried.

In a recent divorce case, one spouse suspected the other of hacking into a personal Gmail account in order to gain possible financial information and attorney-client privileged communications that might be valuable in the divorce settlement. The spouse used the security questions to change the password for the account and gained access to all personal and business emails present on the account.

My task was to prove the spouse committed the hacking. Committing a crime during the divorce discussions might not affect the outcome of any settlement; however, it would not be looked upon favorably by a judge. As you can imagine, it would cast a shadow on the character of the offending spouse.

Two subpoenas and a little time online quickly identified evidence that the spouse was the offending party. The Internet Protocol address (think Internet caller ID) used to hack the account was traced to a hotel Wi-Fi network in another state. The hotel registry verified that the current love interest of the spouse was registered there at the time, and the cell tower and GPS data from the spouse’s cell phone traced to the same hotel at the time of the hacking. The spouse subsequently exercised the right against self-incrimination to a new set of interrogatory questions.

Helping Clients Fortify Their Online Security

Think about your own answers to online security questions. Would your spouse know your favorite sport, mother’s maiden name, and other simplistic questions commonly used? The preventive solution is to lie on the security questions. The computer is only looking for a match between the ones and zeros; it does not care how many children you have or what street you lived on in grade school. This is a point that should be mentioned to your clients at the onset of divorce proceedings. All of your initial meetings should emphasize having your client change passwords and security questions for all online accounts, not just banking and email.

Understanding the Power of Computer Forensics

In one case, a computer forensic examiner was hired to look at the data on one spouse’s computer. The court order was very specific as to what the examiner could reveal to the hiring attorney from his examination. In violation of the agreement between counsels and what was approved by the court, the examiner provided privileged email communications to the attorney, who subsequently gave the emails to his client – the opposing spouse. My examination of the opposing spouse’s computer proved the emails were provided and opened by the soon-to-be ex-husband. The lawyer providing the emails was tossed from the case by the judge, and the husband’s credibility with the court diminished significantly. A key logging spy program had also been placed on my client’s computer, which is not an uncommon event in family law cases.

In another case, a 48-year-old male neurosurgeon was convinced by the 28-year-old woman he met on Craigslist to marry her. Since he was already married, this caused some issues. The 28-year-old subsequently made the argument that she was in a putative marriage, because she believed the neurosurgeon was divorced at the time of their marriage. Computer forensics of the chats between the two revealed that, three months prior to the marriage, she was clearly advised that he was already married. Additional computer evidence included her having a copy of his current marriage license and her running Internet search reports on his current wife.

Computers Provide an Electronic Trail Revealing a Party’s Character

The computer is not just an avenue to investigate and identify hidden assets, fund transfers, driving directions to safe deposit boxes, unknown credit cards, and bank accounts. It is the electronic trail to the opposing party’s life and character. Addictions from gambling, shopping, drugs, or pornography to extramarital affairs, manipulating finances in anticipation of the divorce, using eBay or PayPal to sell assets, and spying on the spouse electronically can all be revealed through computer forensics. In most cases, spoliation of some form has been present on the computers I have examined over the course of my career.

According to the National Endowment for Financial Education, 31% of U.S. adults who combine assets with a spouse or partner say they have been deceptive about money, and 58% say they hid cash or assets from their spouse or partner.

I recently returned from an overseas trip and exclusively communicated with friends and family through the less expensive text option, instead of phone calls. It reminded me of a case where the husband was claiming poverty in the divorce, only to have the examination of his computer show him sending thousands of dollars in assets to his Brazilian girlfriend, which was verified in his deleted Skype chat. The chat was not something an IT professional would normally locate, nor would an attorney ask for in eDiscovery.

“Mr. Mom” claimed he was a doting stay-at-home father, until his computer use showed that he routinely spent hours on Internet poker websites while his wife was away from the home. The time/date analysis was so precise, it could predict when the spouse left and returned from work, as well as when she went to bed. The timelines were matched up with the start of tournaments on the poker websites, so his online time could be measured down to the second.

Discussing Computer Forensics with Your Clients

At the onset of each new family law case, counsel should interview clients concerning computer use and email accounts to determine if computer forensic examinations would benefit the client. The expense for a forensic computer examination for matrimonial litigation is typically affordable due to the limited issues that need to be resolved. The above examples are true case examples. Computer forensics is commonly used in other litigation where Electronically Stored Information (ESI) is important to the client in eDiscovery. In family law matters, any preliminary client discussions should include the security of ESI and whether computer forensics would assist in the case.