The latest industry news, articles and events
CEO fraud, a variant of Business Email Compromise (BEC), is when a malicious actor purporting to be a senior company executive communicates with employees and requests payment be made to a third-party bank account. This type of fraudulent activity affects organisations within all business sectors and is becoming ever more sophisticated.
Numerous techniques and sources are used to collate relevant information to assist with successful CEO fraud, such as social engineering via email and telephone. The WSJ reported that a UK-based energy firm was a victim of fraud where a criminal entity utilised artificial intelligence software to impersonate a chief executive’s voice and demand a transfer of £200,000.
Most attacks follow from successful blanket phishing, or ‘spear phishing’ emails, where the individual sends their credentials inadvertently to a threat actor, and the account is successfully compromised.
Following the intrusion, after a period of discovery in which they identify a suitable individual to target, an email is sent, containing instructions to send payment and usually stating an urgent situation or confidentiality to reduce any scrutiny and verification, typically to a more junior member of the organisation.
Fraudsters will commonly target an organisation’s finance department in an attempt to convince unsuspecting employees into transferring funds to a fraudulent bank account.
Sometimes, senior executives accounts are not even breached, they are merely ‘spoofed’. That is, a domain looking very similar to the organisation’s will be registered, and an email address with the individual’s same details will be registered.
The fraudsters are counting on the recipient not noticing this discrepancy and that they will comply with the urgent transfer request. To establish further legitimacy, they will include subject lines with “Re:” or “Fwd:” to masquerade the email as part of a previous conversation.
Many steps can be taken to prevent this form of business email compromise/‘man in the middle’ attack. Ultimately, it largely comes down to human error.
Some useful steps are:
London: 0207 438 2045
Manchester: 0161 797 8123