The Helfend Law Group is a federal criminal defense law firm that represents people who have been accused of orchestrating or participating in email scams. Call today at 800-834-6434.

It’s estimated that around 9.7 billion emails are sent every day in the United States.

We send emails to friends, family and coworkers, and we get emails from brands we follow, stores we shop from and services we subscribe to.

Because email is such a commonly used medium, it’s also a common venue for fraud.

Email fraud is often used to gain entry to other computer systems. A high profile example is the 2014 Sony Pictures leak, in which attackers used a spoofed Apple ID verification email to collect passwords from Sony employees, gain access to Sony’s network and leak secret documents.

The U.S. federal government takes email fraud very seriously, and depending on the specifics of the case, it can prosecute email fraud differently. However, in any case, email fraud is treated very seriously and can lead to extensive prison sentences. 

If you have been suspected of being involved in an email scam, it’s important to speak with a skilled federal defense attorney as soon as possible so you can discuss your case.

What is email fraud?

The term “email fraud” refers to using email in a deceptive way to gain access to something valuable that belongs to someone else. This can be anything from using phishing attacks to obtain sensitive information from someone to delivering malware in a ransomware attack to take control of someone else’s computer network.

The most common forms of email fraud are:

Phishing

Phishing is when someone sends an email while pretending to be a trusted person, such as Apple support. The goal is to convince the recipient to reveal sensitive data.

There are numerous types of phishing, including:

  • Spear phishing – A more targeted form of phishing.
  • Smishing – Phishing via SMS.
  • Pharming – Redirecting users to fake websites in an effort to obtain login details.

Malware delivery

This involves sending an email with a malicious attachment in the hopes that the recipient will download it. Malware can compromise the recipient’s network by:

  • Stealing Sensitive Information – Malware can record keystrokes and monitor user activity, capturing personal data, login credentials and financial information.
  • Encrypting Files (Ransomware) – Encrypts data and demands ransom for decryption keys.
  • Installs Backdoors – Allows unauthorized access to infected systems.

Social engineering

Lastly, attackers can use more direct tactics to gain access to unauthorized information or data. This can involve everything from using a compromised email address to impersonate someone else to manipulating individuals into revealing sensitive information by creating a sense of urgency or trust.

These tactics exploit human psychology rather than technical vulnerabilities.

How does the federal government investigate email fraud?

Email fraud cases usually start one of two ways. First, the victim can report suspected email fraud to agencies like the Federal Trade Commission (FTC) or the Internet Crime Complaint Center (IC3).

Otherwise, many cases are detected through automated monitoring systems by email service providers or cybersecurity firms.

After the alleged offense is discovered, it is forwarded for review. The FTC and IC3 compile data to identify trends and potential large-scale operations. Valid complaints are then referred to the appropriate federal agency, such as the FBI, Secret Service or Department of Justice (DOJ).

Investigation and analysis

Investigators will then collect digital evidence, including email headers, IP addresses and communication logs. They may issue subpoenas or warrants to access records from email service providers, internet service providers and financial institutions.

As they collect evidence, digital forensics experts will analyze the collected evidence to trace the origin of fraudulent emails and identify perpetrators.

If individuals involved in the scam were American or based in the United States, the DOJ can then bring charges against individuals or groups involved in the email fraud. Otherwise, if the phisher was overseas, federal agencies will refer the case to their counterparts in their respective countries.

Email fraud cases typically result in wire fraud charges

Email fraud is typically prosecuted as wire fraud under federal law.

According to 18 U.S.C. § 1343, wire fraud involves any scheme to defraud that uses electronic communications, such as emails, to execute the fraud.

Penalties for wire fraud can include fines, imprisonment for up to 20 years, or both. If the fraud affects a financial institution or is related to a federal disaster, the imprisonment term can extend up to 30 years

Depending on how the email fraud allegedly took place — for example, if it was used to steal someone’s credit card number or to gain access to a corporate network — wire fraud can be charged alongside other federal crimes.

Identity Theft (18 U.S.C. § 1028)

Identity theft involves the unauthorized use or transfer of another person’s identifying information with the intent to commit, aid, or abet unlawful activity.

Penalties:

  • Fines and imprisonment up to 15 years for basic offenses.
  • Enhanced penalties for aggravated identity theft, including mandatory two-year prison terms consecutive to any other sentence.

Unauthorized Access to Computers (18 U.S.C. § 1030)

This crime entails intentionally accessing a computer without authorization or exceeding authorized access, with actions such as obtaining information, causing damage, committing fraud or threatening public health or safety.

Penalties:

  • Fines and imprisonment ranging from 1 to 20 years, depending on the offense’s severity and impact.
  • Enhanced penalties for repeat offenders and cases involving national security.

Distribution of Malware

This involves creating, distributing or using malicious software to damage or disrupt computers and networks. It is often prosecuted under 18 U.S.C. § 1030 and related statutes.

Penalties:

  • Fines and imprisonment up to 10 years for initial offenses.
  • Severe penalties for causing substantial harm or targeting critical infrastructure, including up to 20 years in prison.

Experienced help for those facing federal charges

Facing federal investigation can be intimidating to say the least. Federal investigators have wide-ranging powers and seemingly endless resources, and they can be intimidating to deal with even if you are only involved as a witness.

If you have been accused of being involved in phishing scams, email fraud or more, Robert M. Helfend of the Helfend Law Group is here for you.

With more than 40 years experience defending the accused in cybercrimes cases, Mr. Helfend is a specialist in email fraud. Call 800-834-6434 today to schedule a free case evaluation.

Published June 20, 2024.