At Sigma Information Group, we have recently seen an uptick in CEO fraud attempts and would like to make you aware of what this threat is and how to protect your company against it.
CEO fraud, as defined by Alien Vault, is a variant of a phishing attack “…in which an email appears to come from the CEO of a company and instructs a CFO (or equivalent) to transfer funds into an account controlled by the attackers.”
CEO fraud typically begins with the scammers sending a phishing email to an executive in order to gain access to the recipient’s inbox. As an alternative, emails are sometimes sent to employees from a domain name with a spelling that is one or two letters off from the target company’s actual domain name spelling. It should also be noted that unlike regular phishing attacks, emails used in CEO fraud schemes tend to not set off spam filters because the emails are not mass emailed.
Last year, The FBI estimated that more than $3 billion had been stolen from more 22,000 victims of CEO fraud scams. It should also be noted that CEO fraud emails do not necessarily only target CFO’s, but have been known to be received by other employees who have the authority to wire money.
If you have questions about CEO fraud scams or would like to learn more about how Sigma Information Group can support your organization’s IT support needs, please contact us today at 512-664-7900.