New Resource Bank : Are You On The Lookout For CEO Fraud?

Blog
> Are You On The Lookout For CEO Fraud?

Posted 01.09.2017

Does your business work with foreign suppliers or regularly perform wire transfer payments? If so, you are a target for fraudsters that are looking for businesses just like yours. Over an 18-month period , the FBI reported a 1300% rise in what they call Business Email Compromise fraud, also termed CEO Fraud. Business Email Compromise (BEC) is a sophisticated scam that is carried out by tricking someone into making a large wire transfer into what turns out to be a bogus account. Most victims are in the US, and the fraudulent wires have been sent to 79 countries, but most end up in China and Hong Kong. Think you're too small to be on the radar of fraudsters? Think again. These attacks are anything but rare. In fact, they are so successful that billions have been plundered out of corporate accounts. We have had several clients, small and large, targeted by this scam and some have become victims.

There are a few different methods that this can be carried out. Since most businesses with a website are happy to share the names of executives, it's easy for fraudsters to identify targets. All it really takes fraudsters is convincing someone internally in your accounting or finance group that a fraudulent email is really from the CEO or decision maker.

Although New Resource Bank has several policies in place that will verify that the wire request is coming from an authorized person, if that authorized person is convinced that the wire is valid, it is very difficult for us to spot this activity as anything but routine when submitted by your organization. You and your staff have to be aware that this is possible and set up internal policies to double check any wire transfer requests within the organization.

Many businesses focus their risk mitigation efforts on technology. There is no doubt that antivirus, anti-malware, firewalls and intrusion detection/protection will help, but all this is worthless if your staff is not properly trained to spot a phishing email or is susceptible to CEO fraud. Employees are the weakest link in any IT system. To help you better understand this risk and protect yourself and your business, you can download a CEO Fraud Manual from one of our security vendors, KnowBe4.com here. Guardian Analytics has also published a 'Best Practices ' guide for businesses to detect the Business Email Compromise scam.