By Anna Chan and Martin Tse

You cannot trust anyone --- “One may smile, and smile, and be a villain.”

While not everyone has heard of this quote from William Shakespeare’s famous play Hamlet, you will have to agree that it fittingly describes the Hamlet-esque story that you find in your email inbox out of the blue: his father having passed away, a Nigerian prince’s throne was usurped by his uncle and he now needs your help to transfer his funds out of Nigeria, in return you would keep a portion of the funds. All you have to do is to give him your personal details (so the Prince knows who you are), your bank account number (for you to temporarily “safekeep” his funds), and of course, to pay a fee in advance.

Yes, this is apparently a scamming technique that has been widely deployed since the 1980s, and while every year there are still people who succumb to the temptation of windfall, more and more people are aware of the reality.

Fraudsters are therefore making use of a different modus operandi in recent years, one that is more specific instead of the “spray and pray” Nigerian prince model. Also carried out by way of email scam, fraudsters would first hack email accounts or compromise computers to obtain vital information, then tailor-make the fraud scheme to deceive the email recipients into paying them.

How do email scams operate?

In many cases that we came across, the victims are mostly trading companies with business counterparts all across the globe. The diagram below illustrates how the scheme operates.

1. There had been genuine sale of goods by the Supplier to the Victim.
2. The Supplier then sent payment invoice (sometimes together with the bill of lading, the purchase order etc.) to the Victim via email. 
3. The Fraudster, having hacked the Supplier’s email account, pretended to be the Supplier and send a forged payment invoice, bill of lading and purchase order by changing the bank account details and the document letterheads via email. The forged email would normally come from a fraudulent account which is strikingly similar to the Supplier’s genuine email account (e.g. changing from [email protected] to [email protected]), misleading the Victim to believe that the email was from the Supplier itself. The façade is further reinforced by the Fraudster justifying the different payment details with excuses such as change in accounting policies. The Victim is of course reasonable and courteous enough not to venture too far and challenge the legitimacy of such policy.
4. The Victim, failing to notice the subtle difference in the forged email, remitted money to the Fraudster’s bank account.
5. The Victim would eventually realize the scam perpetrated by the Fraudster upon the Supplier’s reminder chasing for payment or its notice that money was never received. The scam might be discovered slightly earlier if the Victim sends a remittance advice to the Supplier, and then the Supplier informs the Victim that the recipient bank account is apparently not the Supplier’s bank account.
6. By that time, it is likely that the Fraudster has dissipated the funds from its bank account, most probably to other jurisdictions.

What to do next?

1. A complaint should be filed to the Hong Kong Police or the Joint Financial Intelligence Unit (JFIU) such that they might take action to freeze the Fraudster’s bank account in Hong Kong.
2. At the same time, the victim should file a parallel report to the relevant authority in its jurisdiction. Certain jurisdictions have online reporting systems dedicated to cybercrimes, such as the Internet Crime Complaint Center (IC3) under the U.S.A. Federal Bureau of Investigation and the U.K. “Action Fraud” National Fraud & Cyber Crime Reporting Centre.
3. A letter should also be issued to banks (including the sending and recipient banks), alerting them of the scam and demanding return of the defrauded fund and/or preservation of the fund in the relevant bank accounts.

The victim’s effort to recover the money is always a race against time. It is therefore always advisable to act as soon as possible, and ideally within 24 hours from the fund transfer, as thereafter the fraudster is very likely to have already dissipated the funds. If law enforcement authorities or banks have not decided to freeze the relevant accounts, the victim should seek assistance from lawyers to apply for a Mareva Injunction (i.e. asset-freezing order) on the civil route to prevent dissipation. 

If the money is successfully retained in the bank account pursuant to the injunction, civil proceedings should be commenced against the bank account holder to recover the money in equity. The fraudster is very unlikely to contest the proceedings (by this time he probably has absconded) so the victim can apply for a monetary default judgment against the fraudster unhindered. To actually recover the money, the victim then needs to apply for a garnishee order, which once granted will compel the bank to directly transfer the money from the fraudster’s bank account to the victim.

Recent case law suggests that other than the conventional way of obtaining a monetary default judgment, the victim might also seek a declaration in default to assert a proprietary claim over the funds in the fraudster’s bank account which, if succeeds, would lead to a vesting order. The bank will then be compelled to immediately transfer the money back to the victim without the need to wait for the garnishee order. 

If the money has already been dissipated by the time the injunction is obtained, the victim will have to take extra steps to “trace” the money. A discovery order for banker’s record needs to be obtained first, so that the victim can ascertain the flow of the money and track down where it was transferred to. Most of the time it would be a cross-jurisdiction transfer, which adds another obstacle to the victim’s recovery. The victim will have to engage lawyers in that jurisdiction to commence new proceedings against the new, foreign recipient of the money, and also conduct further discovery and tracing to ascertain the latest whereabouts of the money. As one may see, if the money cannot be frozen in time, the matter will be very complicated with time and costs spiraling out of control, and at the end of the day, the fraudster may still be one step ahead of the victim so that the victim cannot recover the stolen money. This is exactly why the victim is advised above to act as soon as possible.

Prevention is better than cure

It is always better to take preventative measures rather than looking out for remedies. You may check out some practical preemptive measures from the Police’s article “Tips for Smart Netizens” which is available at http://www.police.gov.hk/ppp_en/04_crime_matters/tcd/tips.html

What OLN can do for you

OLN has acted for the victims in many email scam incidents, and electronic fraud cases generally. On most occasions, OLN has successfully obtained the Mareva Injunction and recovered a substantial portion of the defrauded money (if not entirely). With extensive experience in civil litigation, we will be able to assist you in a swift and efficient manner. 

Another fitting quote by William Shakespeare in Henry VI would be appropriate to conclude this article:

“Wise men ne’er sit and wail their loss, but cheerily seek how to redress their harms.” 

This article is for information purposes only. Its contents do not constitute legal advice and readers should not regard this article as a substitute for detailed advice in individual instances.