Fraud Alert

11.23.16 | srobinson

By: Joy Huffman

CEO Fraud, also known as “Business Email Compromise” (BEC), is a scam carried out by compromising legitimate business e-mail accounts through social engineering or computer intrusion techniques in order to conduct unauthorized transfers of funds. The FBI reports total BEC exposed losses at over $1.2 billion since 2013 and an increase of 270 percent since 2015.

Tech firm Ubiquiti is just one of the many big companies to fall victim to this criminal fraud. The incident involved employee impersonation and fraudulent requests from an outside entity targeting the company’s finance department. This fraud resulted in a transfer of funds totaling $46.7 million!

The scam begins when the scammers create a look-alike domain and create email accounts in the names of your company’s executive team members. They figure out your organizational structure and send an email to your controller. The scary part is that they are able to provide a legitimate-sounding company name and a real bank (Citi) to forward the money to.

Suggestions for protecting your company against this scam include immediately educating your accounting team and warning your entire finance department not to send any wire transfers before verbally speaking with the appropriate employee. Sit down with your CFO and ensure proper documentation and approvals are required for all money transfers.

Some companies are registering look-alike domain names themselves to prevent scammers from sending emails from them. For example, if a scammer was targeting a user at exampledomain.com, they might register the domain exampledoma1n.com or exaampledomain.com. The scammer hopes the recipient will not notice the slight difference in the domain and will assume the email is from a trusted sender. Investigators are finding that scammers send emails out on the same day they register the new fake domains, in hopes that they can extract payment before the domain is reported and suspended.

If you have any suspicions about an email requesting a wire transfer, investigate it further before proceeding with the request!
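
The look-alike domains described above differ from the real one by a single swapped, added or transposed character, which a mail filter can measure. The following Python sketch is an added example, not part of the original alert: it classifies sender addresses by edit distance to the protected domain. The threshold, function names and sample senders are assumptions made for illustration.

```python
# Added example: flag sender domains that imitate a protected domain.
PROTECTED = "exampledomain.com"  # the real domain used in the article's example
MAX_DISTANCE = 2                 # assumed threshold; lower it for short domains


def edit_distance(a: str, b: str) -> int:
    """Optimal string alignment: insert, delete, substitute, swap neighbours."""
    rows = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        rows[i][0] = i
    for j in range(len(b) + 1):
        rows[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            rows[i][j] = min(rows[i - 1][j] + 1,         # deletion
                             rows[i][j - 1] + 1,         # insertion
                             rows[i - 1][j - 1] + cost)  # substitution
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                rows[i][j] = min(rows[i][j], rows[i - 2][j - 2] + 1)  # swap
    return rows[len(a)][len(b)]


def sender_domain(address: str) -> str:
    """Lower-cased domain part of an address such as 'Name <user@host>'."""
    return address.rsplit("@", 1)[-1].strip().strip(">").lower().rstrip(".")


def classify(address: str, protected: str = PROTECTED) -> str:
    domain = sender_domain(address)
    if domain == protected or domain.endswith("." + protected):
        return "internal"
    if edit_distance(domain, protected) <= MAX_DISTANCE:
        return "lookalike"  # near miss of our own domain: hold for verification
    return "external"


# Constructed sample senders; the two look-alike domains come from the article.
SAMPLES = [
    "ceo@exampledomain.com",
    "ceo@exampledoma1n.com",
    "CEO@Exaampledomain.com",
    "billing@examlpedomain.com",
    "sales@unrelated-vendor.example",
]

if __name__ == "__main__":
    for addr in SAMPLES:
        print(f"{classify(addr):10} {addr}")
```

A "lookalike" result is a reason to hold the message and confirm the request by phone, as recommended above, not proof of fraud on its own.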