Petronella Blog Archive

Visit our New Blog

CEO Fraud: Spoofing the Boss

Blog Post

Your boss emails you and instructs you to wire a large amount of money to a foreign business. It's not an uncommon thing, so you do it. What you don't realize is that it wasn't really your boss and you just gave thieves a nice big payday.  But don't worry, you're not the only victim.

It's a heist that is becoming more popular.  The FBI reported that thieves have stolen about $215 million this way since the beginning of 2014, $17 million of which came from one company alone.

The way it works is that hackers first gain access to email addresses or accounts of high-ranking businesspeople such as CFO's and CEO's.  They then send an email to a person in charge of making wire transfers.  In large companies, it's not uncommon for large amounts of money to be sent to a foreign account.  If the hackers are particularly savvy, they'll know things like travel schedules and the like so they can make requests while the person they're spoofing it away for business.

Texts and emails can both be spoofed, so , so the easiest way to avoid getting taken by this scam is to have a policy in place that requests for wire transfers must be done in person or over a voice call.