The Department of Justice issued a press release this month announcing that the U.S. Attorney’s Office for the Northern District of Georgia and the FBI have teamed up with Atlanta-area district attorneys and law enforcement agencies to create a task force for prosecuting cyber fraud crimes. Judging by the press release, it appears the task force will be especially aggressive in targeting individuals suspected of operating Business Email Compromise (BEC) fraud schemes.
BEC fraud, also known as “phishing,” is when a person sends an email to a victim that is designed to appear like it is from a legitimate person or organization, or a person the victim knows, and includes a reasonable-sounding request, usually for money or for valuable information. For example, a person may receive a fake email that is made to look like it is from their boss or colleague, asking for client data for to deposit funds in an account. In some cases, fake emails are designed to look like real emails from a victim’s bank, asking to confirm account information, passwords, or including a link to a fake site where the victim is asked to type in sensitive information like their password, social security number, or other data.
To convict someone of BEC fraud, the government has to prove beyond a reasonable doubt that the defendant intentionally and knowingly lied or misrepresented themselves in the email, with a specific intent to defraud a victim out of their money or other valuable property. In some cases, that might be easy, such as a defendant who affirmatively represents themselves as another person in an email to a victim and requests money for a completely fabricated reason. In one common BEC fraud scheme, for example, a person pretends to be a victim’s boss and sends them an email asking them to buy gift cards for other employees as a gift, to be reimbursed, of course. The person then asks the victim to send the gift card numbers so they can send them to the other employees.
Other cases may be more defensible, however, depending on how the sender of the email represents themselves, whether they are requesting money or information, and how they are asking for it. A vague email making vague requests for vague reasons is certainly easier to defend than an email containing specific lies that can easily be disproven once law enforcement tracks down the computer used for the scheme or interviews whoever the defendant was pretending to be.
The DOJ’s press release makes it very clear that the feds and local law enforcement in the Atlanta area have issued a mandate to increase the number of BEC fraud prosecutions. The press release states that the FBI identified 1,303 incidents of BEC fraud with over $4.5 million in losses in 2020, a 6% increase from the year before. It also states that “nearly half of U.S.-based BEC actors were located in five states with clusters of actors around a handful of metro areas, including the metro-Atlanta area.” Metro Atlanta can expect to see law enforcement and prosecutors take an aggressive approach in targeting alleged BEC fraud schemes.