+1 (412) 924-5300 info@hornetsecurity.com

Successful Product CEO-Fraud – An old scam yet the danger remains present

by | Aug 16, 2018 | Security information

Successful Product CEO-Fraud – An old scam yet the danger remains present
The publicity around CEO Fraud may have calmed down, yet it is not yet extinct and still remains a serious threat. CEO Fraud, also known as ‘bogus boss’, still leads to digital larceny by deception, and thus causing displeasure and high economic damage for several companies such as a German company in the hessian rural district Groß-Gerau. Unknown cyber criminals were able to capture a sum of $380,000 Euro by successfully using CEO-Fraud. In 2016 alone, the total amount of monetary loss worldwide caused by this scam method was about $3.1 billion US dollars. That matched the profit made by Volkswagen in 2017.

Key figures on CEO Fraud in companies

Million euros a year, a group of cybercriminals captured by CEO Fraud in Germany between 2014 and 2017

%

success rate in CEO fraud attacks according to Info Security Magazine

How is it possible that the success rate of cyber criminals is still extraordinarily high even several years after its discovery as a tool used by cyber criminals? In the following text we will look at the procedures and the sophisticated fraud techniques of the offenders in order to improve the comprehension of the success of the scam.

Perfect Planning is half the battle: The Preparatory Stage of the CEO-Fraud

The target of CEO-Fraud is usually one single person. In most cases, an employee in the accounting department with direct authority to execute bank transfers. In order to execute the scam and make it appear as authentic as possible, extraordinarily good preparation is needed at the start of the scam. The magic word here is Social Engineering. Social Engineering means cyber criminals try to gather as much information as possible about their victim. They find such information on social media channels like Facebook, Linkedin or Xing. Most of the time, it’s easy to acquire personal information such as job title, place of work or even the complete organigram of a company.

Cheating and Feinting: The Offensive Stage of CEO Fraud

If the blackmailer has gathered enough information on their target they make the first contact and begin the offensive stage of CEO Fraud. The offenders now must accomplish a certain familiarity with the targeted subject. They do this by referring to current topics of the company in their email. This topic could be an upcoming acquisition or the latestsales figureswhich can be withdrawn from previous press releases.

To put the crown on the scam, some cyber criminals create an email address that is similar to the one of the CEO. In this connection, it is a perfidious trick to replace certain letters with letters that look extraordinarily similar. The letter L in mueller@examplecompany can for instance be easily replaced by a capital I. For the ordinary person, this scam also known as Spoofing can only be recognized by close scrutiny.

Another trick utilized by cyber criminals is the use of an existing emal communication. For example, if the offender knows with which person the CEO of a company usually communicates with and what topics are usually discussed, the perpetrator can counterfeit such communication. Fake logos and email signatures complete the picture of a completely legitimate email communication.

It’s in the email itself where cyber criminals dig deep into their bag of psychological tricks in order to initiate the transactions they desire. A commendation for the work of the targeted subject or the buildup of pressure can be used to trick the subject. Often, the offenders pretend to need a transfer of money to be sent as quickly as possible because an important and discreet deal could fail. It must be discreetso the targeted subject does not inform other colleagues about this affair which could end the scam.

CEO Fraud infographic by Hornetsecurity
Enlarge infographic

What accounts for the success of the scam?

In most cyber attacks, employees are the largest risk factor. The Federal Office for Security and IT (in German: Bundesamt für Sicherheit und Informationstechnik, short: BSI) has previously warned the public about the careless handling of personal data. However, companies contribute to this by publishing a multitude of information on social networks for marketing purposes. Just like that, the offenders have little difficulty accumulating a substantial amount of information to assist in the success of their scam.
Another crucial factor of the scam is the psychological component. Cyber criminals specifically and shamelessly exploit emotions like respect and trust for a manager or owner of a business in order to manipulate their victims.

How do I protect my company from CEO Fraud?

A healthy amount of skepticism and the right education are the essentials in the battle against the bogus boss. From the perspective of a company, it makes sense to work against the ignorance of many employees with regular cyber threat information or training events. This way, the tricks of the scammers like the scrambled letters or fake signatures can be specifically pointed out.

Also, the use of an email encryption service provides relief since a fake or missing signature automatically attracts attention. For thosewho are not sure despite all these precautionary measures a telephonic reinsurance from the pretended sender of the email is useful. This requires a smallinvestment of time and can prevent a possible scam from even taking place.

Meanwhile, there are instruments and methods to deter such fraudulent emails ending up in the inboxes of the employees. Managed Security Services, like the Advanced Threat Protection by Hornetsecurity are able to see through complex attack patterns like the CEO-Fraud and block it in the forefront using sophisticated forensic systems. Once an attack is detected, ATP sends an automatic notification to the security personnel responsible for thwarting such an attack. The result, CEO-Fraud and other scams have no chance of success and your employees can focus all of their attention on their important tasks once again.

Additional information: