California couple lost $160,000 in a Business Email Compromise Scam, Know More

The Lawlors were in a very difficult situation as they had borrowed the money from a family member

PUBLISHED FEB 22, 2024

Cover Image Source: House For Sale sign is displayed | Getty Images | Mario Tama

Pat and Marisa were looking for a home for sale two years back when the market was extremely tight and the interest rates were low. The couple were outbid three times before finally snagging a house in West Hills. “It was tough, it was challenging, it was a seller’s market and we were a buyer, not much inventory to choose from,” Pat Lawlor told NBC. Lawlor then got wire instructions for the down payments in an email seemingly sent from the escrow agent. Without any second thought, he wired the $160,000.

Phishing' email | Getty Images | Peter Dazeley

After a few days, Lawlor received an email that read, 'We’re clear to close, we’re all set here, just need your down payment.' The Lawlors were shocked to the core. It turns out the email they responded to was not from the escrow company. Instead, it was the scammer with a fake email signature that looked like the previous emails. "We were just trusting the process as we were told to do," he told the publication.

This is more common than one would think. Dr. Clifford Neuman, a computer systems security expert at USC said that scammers find some way or the other to breach a company's email system.

"So there are a lot of vectors that an adversary could use to get their way into the email system of a small company. That might have been because an employee of theirs did something to allow the adversary to get in. It could also be that the system itself was breached," said Neuman.

According to data, this business email compromise is a huge problem and the FBI reports that money lost to these scams includes down payment wire transfers. As per data, victims lost close to $3 billion in these types of scams in 2022.

The Lawlors were in a very difficult situation as they had borrowed the money from a family member which pushed them deeper into the debt trap.

"I think the mindset, there’s a prevailing mindset that this is an abstract thing that happens out there sometimes to some people. But it’s not. It’s a real thing that happens to real people. And it’s devastating." said Lawlor.

According to the FBI, Business Email Compromise (BEC) has become a huge issue and is a "$26 billion scam." The threat seems to be only increasing with time. The biggest BEC scam of all time was the VEC attack against tech giants like Google and Facebook which ultimately resulted in around $121 million in losses.

Evaldas Rimasauskas, the mastermind behind the scam was later sentenced to five years of prison in the year 2019. Rimasauskas along with his associates created a fake company called," Quanta Computer" which was the same name used by a legit hardware company. The scammers then presented the tech companies with convincing-looking invoices.

As per the FBI, there are a few red flags one should recognize. For example, a scammer may spoof a real website, with a slight variation to fool the victim. Scammers are also known to spread spearphishing emails, which means that they send messages that read like it's sent from a trusted person. These scammers also use malware to infiltrate company networks and gain access to email threads, which was exactly what the scammers who breached the email of the escrow company did.