Beware of CEO Fraud: What is it and How to Detect it


What is CEO Fraud?

CEO Fraud is an email-based cyberattack in which attackers impersonate company executives. Spoofed company emails are sent to trick employees into sending confidential information or making wire transfers.

The FBI refers to this type of cyberattack as a “Business Email Compromise” (BEC), which it defines as “a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The scam is carried out by compromising legitimate business e-mail accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.”

From January 2015 to June 2016, the FBI reported a 1300% rise in losses due to CEO Fraud. These fraudulent transfers have been linked to 79 countries, with most of the money ending up in China and Hong Kong. CEO Fraud has around a 90% success rate because the chances of recovery are small unless the fraud is identified within 24 hours.

Four Types of Attacks

1. Phishing
– Emails are sent to a large number of users to “fish” for confidential information by posing as reputable sources.
– Reputable sources can be: credit card companies, delivery firms, banks.

2. Spear Phishing
– A more targeted and focused type of phishing.
– Cybercriminals study a target group and collect online data about them.
– A phishing email is sent to the target group based on a service that they use.
– The email can be personalized with the target’s name.

3. Executive Whaling
– Targets top executives and administrators.
– Strives to get users to send money or to disclose confidential data.
– Key feature of executive whaling: Email personalization and detailed knowledge of the executive and the business.

4. Social Engineering
– Uses psychological manipulation to trick people into revealing confidential information or providing access to money.
– Includes mining information from social media sites such as Facebook or LinkedIn.
Five Common Attack Situations

1. Receiving or starting a wire transfer request
– Spoofed emails that appear to come from top executives’ addresses are sent to employees.
– The email includes a request to transfer funds.
– The email looks real because it appears to come from the correct email address.

2. Executive and attorney impersonations
– Hackers impersonate executives or lawyers dealing with confidential and time-sensitive information.

3. Sending fraudulent emails to a business’s contacts
– Cybercriminals take over an employee’s email account.
– Invoices or other documents can then be sent to company suppliers from the real account.
– Payments can be redirected to fake accounts.

4. Businesses working with a foreign supplier
– Takes advantage of an established wire-transfer relationship with a supplier.
– Asks for funds to be transferred to a different account.

5. Data Theft
– Fraudulent emails request confidential information such as tax forms or company lists.
– The emails come from spoofed executive email accounts and are sent to HR, auditing or accounts departments.
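The situations above share a few header-level warning signs a mail gateway or SOC script can check before a finance or HR employee ever acts on the request: an executive’s display name on an address that is not the executive’s, an address that matches the executive exactly but fails SPF/DKIM, a lookalike domain, a Reply-To pointing somewhere else, and a body asking for a wire transfer or tax forms. The following Python script is an added example, not code from the original article; the executive list, company domain, request phrases, similarity threshold and sample message are all constructed for illustration.

```python
import difflib
import email
from email import policy
from email.utils import parseaddr

# Constructed reference data (assumed, not from the article): the executive most
# likely to be impersonated, the company's real mail domain, and request phrases
# that match the wire-transfer and data-theft scenarios above.
EXECUTIVES = {"jane doe": "jane.doe@example.com"}
COMPANY_DOMAIN = "example.com"
REQUEST_TERMS = ("wire transfer", "transfer funds", "new account", "tax forms", "w-2")


def bec_indicators(raw_message: str) -> list[str]:
    """Return the BEC warning signs found in one raw RFC 5322 message (empty = none)."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    from_name, from_addr = parseaddr(msg.get("From", ""))
    from_addr, from_domain = from_addr.lower(), from_addr.lower().rpartition("@")[2]
    reply_domain = parseaddr(msg.get("Reply-To", ""))[1].lower().rpartition("@")[2]
    auth = msg.get("Authentication-Results", "").lower()  # set by the receiving MTA
    findings = []
    expected = EXECUTIVES.get(from_name.strip().lower())
    if expected and from_addr != expected:
        findings.append("executive display name on a non-executive address")
    if expected and from_addr == expected and ("spf=fail" in auth or "dkim=fail" in auth):
        findings.append("executive address spoofed: sender authentication failed")
    # Lookalike check: similar but not identical to the company domain (e.g. examp1e.com).
    if from_domain != COMPANY_DOMAIN and difflib.SequenceMatcher(
            None, from_domain, COMPANY_DOMAIN).ratio() >= 0.85:
        findings.append("lookalike domain " + from_domain)
    if reply_domain and reply_domain != from_domain:
        findings.append("Reply-To domain differs from From domain")
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content().lower() if body else ""
    hits = [t for t in REQUEST_TERMS if t in text]
    if hits:
        findings.append("request for funds or data: " + ", ".join(hits))
    return findings


# Constructed sample: a lookalike-domain message carrying the CEO's display name.
SPOOFED = """From: Jane Doe <jane.doe@examp1e.com>
Reply-To: ceo.office@mail-relay.test
Subject: Urgent wire transfer

Please process a wire transfer to the new account today. Keep this confidential.
"""

if __name__ == "__main__":
    print(bec_indicators(SPOOFED))
```

A message with no findings is not proof of legitimacy; the exact-address case only fires when the receiving mail server records SPF/DKIM results, so the check depends on that header being present and trusted.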

If you would like to learn more about how to protect your organization from CEO fraud, be sure to give us a call.