In fact, global businesses lost over $43 billion to CEO fraud from July 2019 to December 2021, according to the FBI. Read on to learn about CEO fraud and the simple steps you can take to protect your organization.
A CEO scam, also called Business Email Compromise (BEC), involves a cybercriminal impersonating a company’s CEO or a high-ranking executive and using this false identity to trick employees into sending sensitive information or money.
Let’s take an example.
An employee comes to work on a Tuesday morning and finds an email in their inbox that seems to have been sent from the company’s CEO. The email requests that they transfer a significant amount of money to a specific bank account as soon as possible. The CEO explains that they urgently need the money for a confidential company acquisition. They insist on the urgent aspect of the transaction.
This cybercriminal was able to create a fake email address that closely resembles the CEO’s legitimate email address. And naturally, the receiver doesn’t know that the email is, in fact, a fraudulent message.
The employee believes that the message is genuine, follows the instructions, and transfers the money to the specified bank account.
The company just fell victim to a CEO scam!
In addition to training employees specifically to detect CEO scams, establishing a security protocol is a must these days, no matter the size of your business. Some of the things you could incorporate in the company’s security policy include the following:
CEO fraud or BEC scams are a serious threat to Canadian businesses. Cybercriminals are becoming increasingly sophisticated in their methods, making it more challenging to detect and prevent these types of attacks. However, by implementing a strong risk management policy, educating employees, implementing strong authentication protocols, and working with cybersecurity professionals, businesses can significantly reduce their risk of falling victim to a CEO scam. Remember, prevention is always better than cure, and it's crucial to take the necessary measures to protect your organization and its sensitive information. By staying vigilant and proactive, businesses can avoid the financial and reputational damages associated with CEO fraud.
At Present, we are on a mission to help our clients identify vulnerabilities, strengthen their cybersecurity and ensure their corporate data and sensitive information is safe.
So, don’t hesitate to contact us to learn more about our services and how we can help.
Don't wait until it's too late!