Imagine: you return from holiday to discover that your accounts team has wired hundreds of thousands of pounds of company funds to a stranger. What is more shocking is that it was supposedly at your request. This email scam, known as CEO fraud or Business Email Compromise (BEC), is on the rise. Over $3 billion has been lost over the past three years, with over 22,000 victims across the globe.
How the scam works
Attackers spoof the email address of a CEO or director. They then send messages to the company's finance department posing as the CEO, tricking staff into wiring money. The fraud usually begins with phishing emails sent to gain access to inboxes, and also to check whether an out-of-office reply comes back. Scammers use out-of-office replies and social media to determine whether their target is absent. Each attack is well researched and targeted specifically at that company, so it is important to be aware that this scam is around and gaining momentum.
Who is targeted
Small and medium-sized businesses are the most targeted by scammers. However, while nearly 40% of victims identify as small to medium businesses, larger corporations have also been affected. Earlier this year the CEO of an Austrian aerospace parts manufacturer was fired after the company lost 42 million euros to a BEC attack. The fraudsters posed as the CEO in order to transfer money to an account for a fake 'acquisition'. Scammers often focus on companies that work with international suppliers, where transferring or wiring money to international accounts is not out of the ordinary.
For many companies such a request may not seem unusual, which is one reason BEC scammers have had so much success. Likewise, during a busy workday an emailed request may be plausible enough to fly under the radar. Scammers follow the working day, sending emails when you would expect to receive them: during business hours, and avoiding lunchtime. It is important to be wary even in the daily commotion of the office, where urgent tasks and distractions may cause security to become lax.
How to stay safe
Hackers cleverly disguise their scams, so it is important to be aware of the common signs of phishing emails. Below are a few telling signs to look out for, along with advice on how to safeguard your company. You can also click here for our blog post with ITVET's tips for spotting phishing emails.
1. The subject line
'Request' is the most commonly used subject line, followed by other single words such as 'payment', 'urgent' or 'transfer'. These are hard to filter, as such simple, mundane subject lines do not arouse suspicion.
2. The email address
Occasionally, the scammer's email address may at first glance appear to be from your director. On closer inspection you might notice that the domain is off by one letter, e.g. [email protected]. Scammers are aware that during a busy day such small, sly changes could go unnoticed.
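The two signs above can be checked automatically before a message reaches the accounts team. The following is an added example, not code from the ITVET post; it assumes the organisation's real domain is the placeholder "example-company.co.uk" and flags mail for manual verification rather than blocking it.

```python
# Added example, not from the ITVET post: a defensive triage check for the two
# warning signs above (lookalike sender domain, terse single-word subject).
# Assumption: the organisation's real domain is the placeholder "example-company.co.uk".
TRUSTED_DOMAIN = "example-company.co.uk"   # placeholder: substitute your own domain
RISKY_SUBJECTS = {"request", "payment", "urgent", "transfer"}  # words named in the post


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: single-character inserts, deletes or substitutions from a to b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_lookalike_domain(domain: str, trusted: str = TRUSTED_DOMAIN, max_edits: int = 1) -> bool:
    """True when the sender domain is within max_edits of the trusted domain but not equal to it."""
    domain = domain.lower()
    return domain != trusted and edit_distance(domain, trusted) <= max_edits


def is_risky_subject(subject: str) -> bool:
    """True for a bare one-word subject such as 'Request' or 'URGENT:'."""
    words = subject.lower().split()
    return len(words) == 1 and words[0].strip(".:!") in RISKY_SUBJECTS


def triage(sender: str, subject: str) -> list:
    """Return the warning signs found for one message; an empty list means nothing was flagged."""
    flags = []
    domain = sender.rsplit("@", 1)[-1]
    if is_lookalike_domain(domain):
        flags.append(f"lookalike domain {domain!r} (close to {TRUSTED_DOMAIN!r})")
    if is_risky_subject(subject):
        flags.append(f"single-word subject {subject!r}")
    return flags


# Constructed sample messages (placeholder addresses, not real ones).
SAMPLES = [
    ("ceo@example-company.co.uk", "Q3 board pack"),   # genuine internal mail, no flags
    ("ceo@example-c0mpany.co.uk", "Request"),         # zero for 'o' plus terse subject
    ("md@examp1e-company.co.uk", "Payment"),          # digit one for 'l'
    ("supplier@partner-invoices.example", "Invoice 4471 attached"),  # unrelated domain
]

if __name__ == "__main__":
    for sender, subject in SAMPLES:
        print(sender, "|", subject, "->", triage(sender, subject) or "no flags")
```

Anything flagged should go to a human for verbal confirmation with the director, which is the check the post recommends.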
Make sure your accounts team is aware of this thriving scam, and reinforce the importance of acting cautiously around financial transactions.
When it comes to protecting your company from a scam, communication is key. Cross-checking financial requests, or applying a form of two-factor authentication to them, is important, ideally through multiple modes of communication. Verify significant transactions verbally or in person, especially if the request seems out of the ordinary.
To discuss your email security contact our team on 01279 464 470 or email [email protected]