A 64-year-old man has pleaded guilty in a Texan court to charges of money laundering after a series of attacks that defrauded companies out of hundreds of thousands of dollars. Kenenty Hwan Kim (who sometimes went by the name Myung Kim) took advantage of a simple trick that has proven highly effective to fraudsters in recent years. The method of tricking businesses into handing over large amounts of money is known as Business Email Compromise (BEC), and comes in a variety of flavours. One type of BEC scam works as follows:
- The scammer, posing as an established vendor, sends an e-mail to a business's accounting department, informing them that their bank account details have changed, and that future payments should be made to the new account.
- Often the fraudster will pretend to come from a construction company with which the targeted company already has an existing business relationship, and may be in the habit of paying large amounts of money.
- A scammer will often spoof the genuine email address of the company they are posing as, by using a similar-looking domain.
- When it comes to the next payment to be made, the targeted company sends it into a bank account under the control of the fraudster. Often the money might not be possible to recover once the targeted company realises its mistake.
A somewhat more sophisticated type of BEC scam sees the attacker actually hack into a business's email accounts, read their communications and observe what projects are being worked upon, and then eventually pose as a supplier to have funds moved into a bogus account. Kim, it seems, was not a hacker. But he felt that he had devised a well-conceived plan for stealing hundreds of thousands of dollars and then successfully laundering it, which did not require a huge amount of technical prowess. Solid Bridge Construction, a company which helps develop large scale commercial projects, based in the city of Huntsville, Texas, was Kim's first victim. One of the companies that Solid Bridge works with is Chance Contracting LLC, based in Pinehurst, Texas, who are involved in the construction of road surfaces for large commercial construction projects. Solid Bridge received an email in 2018 claiming to come from Brett Chance, the owner of Chance Contracting. The email claimed that Chance Contracting was having "issues" receiving check payments, and asked that a payment could be sent to a different address - one located in Washington. Solid Bridge duly sent a check for $210,312.00, believing it was making a payment in response to a legitimate invoice from Chance Contracting.
Of course, the real Chance Contracting never received the payment. Instead, Kim - who had posed as Brett Chance on email - deposited the check into a bank account he had opened in the name of Chance Contracting. How did Kim pull off the scam? He used an email address that looked very like - but not quite the same as - the one used by the genuine Brett Chance of Chance Contracting. If greater care had been taken to confirm that the email communication from "Brett Chance" was genuine, maybe the money would never have been stolen. A simple step such as contacting the sender (via a previously verified method) when they requested that their payment details be changed might have saved over two hundred thousand dollars being lost. In January 2019, Kim struck again. This time his target was household appliance manufacturer Electrolux. Posing as one of its retail partners, Kim tricked Electrolux into wiring a payment of $333,208.85 into a bank account under his control. As The Register reports, following both attacks Kim attempted to transfer stolen funds - split into small quantities in an attempt to avoid suspicion - out of the country to an individual named Siyabonga Dlamini based in South Africa. The assumption is that the funds would at some point be wired back to Kim, from South Africa into the United States, in an attempt to cover tracks. The maximum prison time that Kim could face for conspiracy to commit money laundering is twenty years in jail, however when sentenced this August Kim's sentence is likely to be significantly reduced if he has properly co-operated with the authorities.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.
Meet Fortra™ Your Cybersecurity Ally™
Fortra is creating a simpler, stronger, and more straightforward future for cybersecurity by offering a portfolio of integrated and scalable solutions. Learn more about how Fortra’s portfolio of solutions can benefit your business.