As us in the security industry know, CEO fraud is a big hit for today’s crafty cyber criminals. The technique involves a hacker, pretending to be the CEO of a company, sending an email to employees asking to do an urgent wire transfer.

While it might seem like quite an obvious trick, hackers actually have tools, which enable them to create an email address which is almost identical to the legitimate one, so to the untrained eye this type of scam can be very difficult to spot. In fact, so difficult to stop that there have been numerous stories in the news recently of companies losing hundreds of thousands of pounds to CEO fraud.

While one might believe this scam only affects the big businesses out there, the truth is everyone is a target, even Eskenzi PR….

Last Friday morning I was at home checking my emails with my morning coffee, when I noticed an email from the Eskenzi CEO – Yvonne Eskenzi. When I opened the email I found a rather urgent note from asking me if I was in the office and if I could do an emergency wire transfer. The email also stated that “Yvonne” was only available on email and not to call her.

My first thought when I saw the email was “why on earth would Yvonne think i’m in the office at 7.30am, she knows me better than that…”

I then looked more closely at the email and realised that while the sender was called Yvonne Eskenzi the actual email address was nothing like our usual company format. This obviously made me concerned and I was able to deduce pretty quickly that it was a phishing email. Eskenzi is a security PR agency and we therefore talk about these scams on a daily basis. We know the best ways to spot a fake email from a legitimate one, but unfortunately not all companies will be able to this.

CEO fraud is a huge business for hackers and companies therefore need to be on the look out for these scams. It is therefore advisable to always teach staff to look closely at email addresses and never carry out a money transaction unless they can be 100% sure the person on the other end of the email is exactly who they say they are.

 

Advertisements