CEO fraud or Business Email Compromise (BEC) is the latest attack on the corporate industry from cyber criminals. During these scams, a cyber criminal disguised as a CEO or senior executive of their company will send an email to staff members to convince them to wire money into their accounts, or divulge their coworkers’ personal information to commit tax fraud. These criminals can also launch the attack over the phone by calling an individual and impersonating an attorney, creating a sense of extreme urgency and tricking the individual into acting promptly.
To protect yourself from CEO scams, consider these tips:
- Use your common sense. If you receive an email from your boss or coworker that seems odd and may contain a strong sense of urgency, unusual signature, unexpected tone or the name they address you as is different from what the person normally calls you, you could be under attack.
- Take notice of the email address or phone number. If these do not match the normal addresses for this person, call the person at a trusted number or meet in person to confirm the call or email was from them.
- Be familiar with security policies or procedures that your organization may have in place for authorizing the transfer of funds or releasing confidential information. Those who are attempting to ignore these policies should have their identity verified before the transaction occurs.
- If you are unsure of what action to take when receiving one of these emails or phone calls, contact your supervisor, help desk or information security team right away.
For more information about CEO fraud and how to protect yourself and your company, visit the following link: https://securingthehuman.sans.org/newsletters/ouch/issues/OUCH-201607_en.pdf