Fake CEO email fraud, a form of business email compromise, is one of the least sophisticated social engineering schemes, yet it carries little risk for the criminals, costs almost nothing to run and can pay out handsomely. How profitable it is depends on how much the fraudsters know about the target organization. In particular, they need to know when the senior executive they are impersonating is out of the office, so that the request cannot easily be checked with that person face to face.
Having analyzed a number of CEO email fraud scams, we have found that the fraud follows three phases.
Online reconnaissance phase
First, the criminals use social media and the wider web to find as much information as possible about their victims. They try to identify the company's key decision makers in finance, payroll and human resources, reviewing the business structure to spot the primary stakeholders and the chain of command. They may also scrape the company's published email addresses to learn the address format and who works where.
In more sophisticated CEO fraud cases, senior employees are first targeted with phishing emails whose links install a keylogger. A keylogger is malware that records what you type and do on your computer and sends that data to the criminals. With it, the fraudsters learn how the company communicates internally, and they can also harvest credentials by searching the captured keystrokes for the telltale pattern of a web address followed by a username and a password.
The fraudsters use the company details to craft a convincing message
Once the fraudsters have collected the information about your organization, they go ahead and craft a message that some employees will find hard to question: it uses the right names, the right titles and the right tone. They will often buy a domain that looks like the target company's (one character off, or a different top-level domain) and create mailboxes on it that mirror your real business email addresses.
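Because a lookalike domain is the core of this phase, the most useful check a mail gateway or SIEM rule can do is to compare the sender's domain against the real one before a human ever sees the message. The following Python is an added example, not code from the original article: it folds common homoglyph substitutions, computes the edit distance to the legitimate domain, catches the real domain embedded in a longer attacker domain, and flags an executive's display name arriving from an outside domain. `example-corp.com`, the executive names and all sample headers are constructed assumptions for the demonstration.

```python
import email.utils
import unicodedata

# Constructed assumptions for this example: the organization's real domain and
# the executives whose names fraudsters are most likely to impersonate.
LEGIT_DOMAIN = "example-corp.com"
EXECUTIVE_NAMES = {"jane doe", "john roe"}
# Small threshold: on short legitimate domains a larger value would flag
# unrelated domains, so tune this against your own domain length.
MAX_EDIT_DISTANCE = 2

# Characters that fraudsters swap for visually similar Latin letters.
CONFUSABLES = {
    "0": "o", "1": "l", "3": "e", "5": "s", "7": "t",
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",  # Cyrillic
}
# Two-character sequences that read as one letter in many fonts.
MULTI_CONFUSABLES = (("rn", "m"), ("vv", "w"))


def normalize_domain(domain: str) -> str:
    """Fold a domain into a canonical ASCII form so homoglyph tricks compare equal."""
    d = domain.lower().strip().rstrip(".")
    d = "".join(CONFUSABLES.get(ch, ch) for ch in d)
    # NFKD splits accented letters into base letter + combining mark; drop the leftovers.
    d = unicodedata.normalize("NFKD", d).encode("ascii", "ignore").decode()
    for src, dst in MULTI_CONFUSABLES:
        d = d.replace(src, dst)
    return d


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch one- or two-character typosquats."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_sender(from_header: str) -> dict:
    """Return a verdict for the value of a From: header."""
    display_name, address = email.utils.parseaddr(from_header)
    domain = address.rsplit("@", 1)[-1] if "@" in address else ""
    norm = normalize_domain(domain)
    legit = normalize_domain(LEGIT_DOMAIN)
    result = {"domain": domain, "verdict": "external", "reason": "no match to the legitimate domain"}

    if domain.lower() == LEGIT_DOMAIN:
        result.update(verdict="internal", reason="exact domain match")
        return result
    if norm == legit:
        result.update(verdict="lookalike_domain", reason="homoglyph substitution")
        return result
    if legit in norm:  # e.g. example-corp.com.attacker.net or example-corp.com-secure.net
        result.update(verdict="lookalike_domain", reason="legitimate domain embedded in sender domain")
        return result
    dist = edit_distance(norm, legit)
    if dist <= MAX_EDIT_DISTANCE:
        result.update(verdict="lookalike_domain", reason=f"edit distance {dist} from {LEGIT_DOMAIN}")
        return result
    if display_name.strip().lower() in EXECUTIVE_NAMES:
        result.update(verdict="executive_name_external", reason="executive display name from an outside domain")
        return result
    return result


if __name__ == "__main__":
    # Constructed sample headers, not real mail.
    for header in (
        "Jane Doe <jane.doe@example-corp.com>",
        "Jane Doe <jane.doe@examp1e-corp.com>",
        "Jane Doe <jane@ex\u0430mple-corp.com>",
        "Jane Doe <ceo.jane@gmail.com>",
        "Vendor <billing@vendor-supplies.net>",
    ):
        print(header, "->", classify_sender(header))
```

Anything other than `internal` or a known `external` partner should route the message to a quarantine or at least stamp a visible warning banner, because the "executive name from outside" case is exactly what a fraudster who could not afford a lookalike domain will send from a free webmail account.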
The fraudulent wire transfer request
The fraudsters then supply the wiring procedure and the beneficiary account for the payment. Sometimes the employee is told to wait for further details from a fictitious advisory firm or the company's lawyer, which lends the request an air of legitimate confidentiality. According to reports released by the FBI, the funds are usually redirected to international accounts, often in Hong Kong and China. Keep in mind that once such a transfer has been initiated, you typically have only 24 to 48 hours to recall it.
To cushion your company against this kind of fraud, take preventive measures: make employees aware of these attempts so they can recognize them, and require that any unusual or urgent payment request be verified with the requester over a channel other than the email it arrived in, before any funds leave the company.