Cloé Michalski

Cloé Michalski

Marketing Specialist

CEO fraud, a type of phishing that is gaining in popularity

Share on facebook
Facebook
Share on linkedin
LinkedIn
Share on twitter
Twitter

CEO Fraud, a popular scam that employees should watch out for, especially since confinement because employees tend to be less vigilant when telecommuting.

It’s about cybercriminals who hack into corporate email accounts, including the president’s. CEO fraud can affect any type of business, from small family businesses to large multinationals.

The goal is to deceive the accounting or the HR department by asking them to make unauthorized electronic transfers or by sending confidential information. Since the email received is signed in the name of the President or a member of management, employees will regard the email as important. Sometimes, cybercriminals will even use information that is accessible to the general public in order to make email more credible and therefore gain your trust.

Here are 5 tips on how to identify a fraudulent email

1) Make sure the sender's email address matches your business

Make sure the contact who sent you the email has an address that matches your business address. In the majority of cases, you will notice that the email used makes no sense. Example:

CEO-Fraud-exemple-faux-expéditeur

2) Compare the sender's signature with an old email received by your CEO

Very often in companies, employees must use an official signature with telephone, logo, etc. Fraud emails generally have a very short signature without a logo.

Example of a bad signature :

Example of a company signature :

3) Analyze the type of writing

This step is less obvious, but try to decipher if the writing type corresponds to an email that your CEO would send you. You will notice that in fraudulent emails, there is often a tone of eagerness to prompt the recipient of the email to act quickly without asking too many questions, for example: urgent, send me the information now, etc.

4) Ask yourself if the request in the email respects the protocols within your company

In some fraud emails, you will be asked for confidential banking information. Ask yourself if your CEO would ask you for this type of information by email without taking any security measures, such as a password, etc.

5) Check if the email is personalized

Is the email addressed to you directly or is it general? Very often during phishing, the email uses broad terms such as; dear customer, madam, sir, etc.

CEO fraud in conclusion

In conclusion, when you have any doubts about any of the previous points, it is most likely a scam. In addition, nothing prevents you from asking your CEO directly if he has sent you an email. Companies also have a duty to educate employees about the types of threats they can be alert and forward-looking.

Other blog articles to discover