After St. Ambrose Theft, FBI Warns Of Email Scams

BRUNSWICK, OH — St. Ambrose Catholic Parish were the victims of a sophisticated email scam that cost the church $1.75 million. The FBI is investigating the theft but is warning other organization to be wary of email ploys.

FBI officials said St. Ambrose's staff were the victims of a business email compromise (BEC) scheme. Other details on the specific case could not be released because investigators are still exploring what happened and who may be responsible.

"Business email compromise (BEC) scam is a sophisticated scam targeting both businesses and individuals performing wire transfer payments,"the FBI said on Tuesday. "The scam is frequently carried out when a subject compromises legitimate business email accounts through social engineering or computer intrusion techniques to conduct unauthorized transfer of funds."

Essentially, BCE scams convince a target to change the destination of their wire transfer by pretending to be another business. The scammers can spoof actual email accounts or websites, install malware to infiltrate company networks, and deploy spear phishing - bogus emails believed to be from a trusted sender prompt victims to reveal confidential information.

The FBI is telling Northeast Ohioans to keep their firewall updated and running, maintain operating systems, be skeptical of downloads, be cautious sharing information via email, and to turn off computers when not in use.

"Don’t be a victim - verbally verify the authenticity of requests to send money by talking to the financial manager or CFOs office, create intrusion detection system rules that flag emails with extensions that are similar to company emails, carefully scrutinize all email requests for transfer of funds to determine if the requests are out of the ordinary," the FBI added.