Cyber Criminals Are Reportedly Pairing Falsified Wire Instructions with Seemingly Credible Justifications in Attempts to Misdirect Funds to Third-Party Accounts and Tricking Executives and Advisers into Compromising Sensitive Non-Public Information


Recent reports indicate that sophisticated cyber criminals are increasingly targeting company executives and their outside counsel, advisers, and consultants in connection with corporate transactions in fraudulent efforts to obtain funds or inside information. These schemes involve hacked systems or forged emails that appear legitimate to redirect funds transfers or obtain confidential information. To avoid loss of funds or confidential information, companies should consider implementing heightened verification procedures with respect to significant financial transactions or sensitive information requests.


With cyber intrusions and attacks increasing in both prevalence and sophistication, cybersecurity is a pressing concern for all businesses. While high-profile thefts of consumer and commercial data draw the most public attention, recent reports indicate that sophisticated cyber scam artists are deploying fraudulent schemes to target company executives and their counsel, advisers, and consultants, as well as company vendors, in connection with corporate transactions, including financing transactions and mergers and acquisitions.

Of particular concern are reports that cyber scammers have hacked systems to create false emails to provide seemingly legitimate wire transfer instructions that misdirect funds transfers to third-party accounts, including by providing a credible justification for the transfers, such as a closing or a litigation settlement. For example, in connection with a recent closing of one corporate transaction, hackers reportedly infiltrated the seller’s systems and caused a fraudulent email to be sent to the buyer’s lawyers, including modified wire transfer instructions that would have sent funds to a third-party account controlled by the hackers. In another sophisticated scheme that has reportedly been attempted on numerous occasions, scammers have utilized falsified emails that appeared to come from a corporate acquirer’s lawyers or its finance executives instructing that funds be wired to a particular account, sometimes directing that the transfer be made according to instructions contained in an also-falsified email earlier in the chain that appeared to be from the company’s CEO.

In addition, cybersecurity experts have reported the existence of a group that has been seeking to gain access to email accounts of company executives and their counsel, advisers, and consultants so as to gain access to material non-public information about nascent M&A deals and other announcements expected to affect securities trading.1 Unlike widely publicized “phishing” attacks that are broadly disseminated and designed primarily to dupe the gullible, these targeted and more sophisticated “spear phishing” efforts appear to be written by native English speakers, employ credible investment terminology, and suggest familiarity with the internal operations of public companies. The group focuses on tricking targets into disclosing their network sign-on information, enabling the group to view email correspondence containing actionable non-public information.

In light of these reports, companies and their attorneys must exercise particular vigilance with regard to electronic communications that direct funds transfers, discuss sensitive information, or relate to user sign-on information. Companies should consider implementing heightened verification procedures before performing wire or other funds transfers according to electronically transmitted instructions, including where appropriate verifying transfer instructions orally. Similar caution should be taken with respect to requests or instructions to transmit sensitive information. Companies should also ensure that their outside counsel, advisers, consultants, and vendors observe similar safeguards.