
Secplicity - Security Simplified

Powered by WatchGuard Technologies

CEO Fraud: are you at risk?

November 7, 2018 By Sylvain LeJeune

CEO Fraud, also known as Business Email Compromise (BEC), is a sophisticated scam that leverages social engineering to target businesses of all sizes. The ultimate objective is to obtain unauthorized transfers of funds into the fraud actors’ bank accounts. It’s all about hard cash, and top executives are the targets of such scams.

There are 3 main attack methods:

  • Phishing
  • Spear Phishing
  • Executive “Whaling”

Spear phishing, and executive whaling in particular, are used to get to the big trophy. Malicious actors will spend a significant amount of time and resources gathering information to pick the right target(s) and to spy. Spying is essentially gathering a large amount of relevant information about a person (or several persons) of interest from multiple sources (corporate homepage, social media profiles, search engines, phone calls to extract further information, possibly going onsite to take photos, etc.).

The objective is to better understand the target’s work situation, co-workers, destinations for business trips, family members, hobbies, and more to discover vulnerabilities and to make the attack (the “hit”) credible and successful.

Thorough preparation is crucial, because usually a CEO fraud-type attack has only one chance of success. The hit must be successful the very first time. And fraud actors have to be prepared for unforeseen situations.

Who are the high-risk target personas?

  • Finance managers
  • CEO / top executives

These corporate staff and executives have authority and access to funds. There are others of course, in particular HR managers, who have access to valuable information about employees (social security numbers, addresses, phone numbers, salary details, emergency contacts, possibly healthcare and tax information, etc.).

A single successful BEC campaign can be very lucrative, yielding USD 150,000 on average according to various industry analysts. See recent data from the FBI: https://www.ic3.gov/media/2018/180712.aspx.

A simple email with a “spoofed” email address from a member of the legal team and a subject line with the threat of a lawsuit is very likely to make even a CEO click any link.

Bad actors craft “spoofed” emails to look like a valid email from a familiar organization. A spoofed email will have altered properties that disguise who the real sender is (e.g., FROM name/address, REPLY-TO name/address, etc.).
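Those same header properties are what a mail gateway rule or a SIEM detection can inspect. The following is an added example, not code from this post or from WatchGuard: a small Python checker that parses a message's headers and flags three of the spoofing tells just described, namely a display name that matches one of our executives while the address is not theirs, a Reply-To domain that differs from the From domain, and a sender domain that is a near-miss of our own. The organization domain, the executive list, and the two sample messages are constructed for the illustration.

```python
"""Header checks for spoofed, BEC-style email.

Added example, not code from the Secplicity post or from WatchGuard.
Everything below (domain, executive list, sample messages) is constructed.
"""
from email import policy
from email.parser import Parser
from email.utils import parseaddr

# Hypothetical organization data (constructed): our domain and the people
# whose names are worth impersonating, mapped to their real address.
OUR_DOMAIN = "example.com"
EXECUTIVES = {"jane doe": "jane.doe@example.com"}


def _domain(addr: str) -> str:
    """Return the lower-cased domain part of an address, or '' if none."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def _edit_distance(a: str, b: str) -> int:
    """Plain Levenshtein distance, used to spot typo-squatted domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def _lookalike(domain: str) -> bool:
    """Heuristic: one edit away from our domain, or our label reused
    under another registration (e.g. example-secure.net)."""
    if not domain or domain == OUR_DOMAIN:
        return False
    label = OUR_DOMAIN.split(".")[0]
    return _edit_distance(domain, OUR_DOMAIN) <= 1 or label in domain


def check_headers(raw_message: str) -> list[str]:
    """Parse an RFC 5322 message and return a list of spoofing findings."""
    msg = Parser(policy=policy.default).parsestr(raw_message, headersonly=True)
    findings = []

    from_name, from_addr = parseaddr(str(msg.get("From", "")))
    _, reply_addr = parseaddr(str(msg.get("Reply-To", "")))
    from_dom = _domain(from_addr)

    # 1. Display name claims to be an executive, but the address is not theirs.
    real_addr = EXECUTIVES.get(from_name.strip().lower())
    if real_addr and from_addr.lower() != real_addr:
        findings.append(f"display name '{from_name}' is an executive, "
                        f"but address is {from_addr}")

    # 2. Replies would go to a different domain than the one shown in From.
    if reply_addr and _domain(reply_addr) != from_dom:
        findings.append(f"Reply-To domain {_domain(reply_addr)} differs "
                        f"from From domain {from_dom}")

    # 3. Sender domain is a near-miss of our own.
    if _lookalike(from_dom):
        findings.append(f"sender domain {from_dom} is a lookalike of {OUR_DOMAIN}")

    return findings


# Constructed sample messages (not real traffic).
SAMPLE_SPOOF = """\
From: Jane Doe <jane.doe@examp1e.com>
Reply-To: Jane Doe <ceo.urgent@freemail.test>
To: finance@example.com
Subject: Urgent wire transfer before close of business

Please process the attached invoice today.
"""

SAMPLE_LEGIT = """\
From: Jane Doe <jane.doe@example.com>
To: finance@example.com
Subject: Q4 budget review

See you at 3pm.
"""

if __name__ == "__main__":
    for label, sample in (("spoof", SAMPLE_SPOOF), ("legit", SAMPLE_LEGIT)):
        print(label, check_headers(sample) or ["no findings"])
```

Each check on its own produces false positives (a partner whose domain happens to contain our label, a legitimate mailing-list Reply-To), so in practice the findings feed a score or a quarantine review rather than an automatic block; the point is that the FROM and REPLY-TO fields the post names are cheap to inspect and rarely all consistent in a genuine executive email.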

In IT security in general, and for this type of fraud in particular, the 3 foundational pillars for addressing cyber threats such as CEO fraud are:

  • People
  • Processes
  • Tools & Technology

It is critical for businesses to invest in and roll out IT security awareness training to turn staff into “human firewalls” – all of us, whether we work for small businesses, larger enterprises or governments, must be able to spot a phishing email a mile away and be aware of basic IT security concepts and hygiene. We are the first (and critical) line of defense.

Here is a good resource about what phishing and email scams can look like. I encourage you to take a look and to share and like on social media, and spread the word. We can all play a role in building awareness and educating our co-workers, family members and friends.

https://www.lifewire.com/what-phishing-and-email-scams-look-like-4064080


When it comes to processes, backing up data and regularly patching out-of-date software are very important good practices discussed at length here at Secplicity.

Technology-wise, WatchGuard offers a range of capabilities because we protect airspace, identities and networks. An important service is certainly DNSWatch, our anti-phishing service, used in combination with other services in our Total Security Suite. Plenty of useful information and client testimonials are available at watchguard.com.
