Just got lucky again

One of the biggest cases of business email compromise fraud occurred in July this year. A company from Singapore fell victim to the perfidious fraud scheme. The company received a questionable email purporting to come from a supplier. It asked for an outstanding payment to be transferred to a new bank account. Nobody noticed that the email address was slightly different from the supplier's official address. As a result, 42.3 million US dollars were transferred to the fraudulent account. The scam only came to light four days later, when the real supplier contacted the company to remind them of the payment. The company reacted immediately and called the police, who called in Interpol. Within a few days, 39 million dollars were frozen in the fraudster's account. In addition, further investigations led to the arrest of seven suspects and the return of a further 2 million US dollars to the victim company.

Sophisticated

CEO fraud, also known as Business Email Compromise (BEC), is an increasingly sophisticated form of financial fraud. Hackers gain access to executives' email accounts or imitate their identity in order to deliberately deceive employees and get them to make transfers to fake accounts. 

Typical procedure

The typical process looks something like this: The perpetrators first gain access to an email account of an executive, e.g. the managing director or CFO. They then send a message from this account to employees in accounting or financial administration, requesting an urgent transfer to a new account. In doing so, they imitate the writing style and habits of the manager concerned in order to feign the authenticity of the request. Sometimes, as in the example of the company from Singapore, the email addresses used differ only slightly from the official addresses.

Raising awareness helps

All employees need to be made aware of this. Our partner KnowBe4Germany offers automated security awareness programs that help to prevent this from happening. 

Stay one step ahead of cyber threats with the DEFENDERBOX: strengthen your company's resistance to hacker attacks.

Would you like to know how secure your company is? Find out with a test installation!


Do you want to know how secure your company is? Try it out! Click here for a test installation of DEFENDERBOX. The trial offer is valid until 30 September 2024.
