churchlawandtax.com – Nonprofit financial leaders are receiving fraudulent emails that genuinely appear to be from their superiors, and these emails ask them to wire or transfer funds to a bank account in connection with the nonprofit organization’s activities. In some cases, the financial leaders truly believed the email request was legitimate. Fortunately, for the cases of which we are aware, other procedures prevented the actual disbursement of funds. But there have been close calls.
How the Scam Works
In a nutshell, what happens is some version of the following:
Scammers spend time on the organization’s website, learning who the leaders are. Specifically, they will look for one of the top leaders with organization-wide authority (president, CEO, senior pastor, etc.) and will especially look for his or her email address and nickname (e.g., if the CEO’s real name is William, but he goes by “Bill,” that can often be discerned from the website).
Then, the scammers identify the top financial person (along with any nickname) and his or her email address.
Next, the scammers create an email in which they spoof the real email address of the top leader they have identified. The email will look very much like it came from the top leader and may even appear as having come from his or her actual email address. The email will be sent to the person the scammers have identified as the organization’s top financial leader.
The email will contain instructions, using nicknames if applicable, to wire or transfer money to a particular account in connection with a project or activity in which the top leader is allegedly involved. For example, an email of this type might read something like this:
How to Prevent Becoming a Victim of This Scam…