CSG Law Alert: When Proactive Measures Fail, the Kill Chain May Still Help Recapture Miswired Funds

The “kill chain” is a phrase that refers to the FBI’s ability to interrupt or kill the miswiring and loss of funds.

This is an extremely powerful resource given that cyber criminals have been targeting entities that use Microsoft Office 365 and Google G Suite to perpetrate business email compromise (BEC) scams. The “phish kits” used for this particular attack enable the bad actor to mimic the otherwise legitimate cloud-based email to compromise accounts and lure victims into sending or misdirecting funds. This scam has been used over the past 5 years by cyber criminals targeting Microsoft 365 and Google G Suite to steal more than $2.1 billion.

If any of your clients are fooled by a spoofed email, phish or link and miswire funds, and they notify the FBI within 48 hours (sometimes as long as 72 hours, but the sooner the notice, the better the chance of success), there is a strong probability (not guaranteed) that the FBI can recapture some, if not all, of the funds. The party that sent the funds must alert the FBI within this window for any chance of success.

We do recommend that impacted companies make contact through our office so that we can be certain information gets to the right agents at the FBI ASAP.

While we always recommend a strong defensive posture – including training of personnel, processes for approval and verification of any requested wiring of funds, and other appropriate measures – even with vigilant personnel, good people are being fooled.

Please contact us to discuss training for your personnel, developing, reviewing and/or improving your processes, and to make introductions for you with your local FBI agents before you need to call them to activate the kill chain.

