Cyber Risk Aware Blog

What is CEO Fraud, and How to Prevent It

[fa icon="calendar"] 05-May-2017 08:58:37 / by Stephen Burke

Stephen Burke

 Imagine going away on holiday and returning to find that in your absence your business bank account has been drained. When you ask your accountant, they are mystified - you gave the order for the transfer.

It may sound like the plot of a blockbuster thriller, but it's the scenario that has faced hundreds of business owners whose employees have fallen prey to CEO fraud.

Where CEO Fraud Begins

Like many cyber crimes, CEO fraud begins with phishing. Fraudsters will send phishing emails to executives within the company, or they will register a domain that is very similar to the company domain, and send emails from that, hoping employees won't notice the difference.

The fraudsters then give instructions to make payments to their accounts; these instructions look like they are coming from senior executives. The criminals don't just rely on email, though; they want the transactions to be completed urgently so they pile on the pressure with phone calls which leave employees with little time to think and see the flaws in their story.

Who is At Risk

If you think this only happens to companies with gullible employees, think again.

Today's fraudsters are increasingly sophisticated and are willing to put some effort in for a big pay-off. They will use language familiar to the company’s employees, they do their research - this is not like receiving a poorly worded email from a Nigerian Prince.

What To Do To Avoid Becoming Their Next Victim

The most obvious answer is to ensure that your employees know what to look out for. To prevent this from happening to your business, user awareness training may be the best investment you can make.

Review your business practices and make sure employees know the benefits of sticking to them. If you have processes in place for handling financial transactions and you never deviate from them, then when a fraudster tries to apply pressure to do things outside the system, it will be immediately obvious to your staff that something is wrong.

Make sure that your IT staff are up to date with current security needs, and keep communication channels open with all employees. It's better that someone asks twice for a genuine transaction than hand waves a fraud!

To find out how we can help keep your business smart in the face of CEO fraud and cybercrime, contact us today and avail of a free trial.

Request Cyber Risk Aware Demo

Topics: CEO Fraud, CyberCrime, Phishing, Social Engineering

Stephen Burke

Written by Stephen Burke