Nirix Inc.
CEO Fraud Emails and 2 Easy Ways to Stop Them



An unprecedented & dangerous increase


There is a new scam in town that is making the rounds called the “CEO Fraud”. The FBI claims it is responsible for $2.3 billion in losses a year. Although the impact of fraud is seen around the world, recently we’ve seen it in Edmonton. The details of the fraud are simple and that is what makes it seem so innocent. In addition to the simplicity of this scam, the fraudster relies on something most of us can relate to… being overworked.


Unfortunately for all of us, hackers actually do bother with small businesses across the country; they just don’t make the news. By some estimates, including one reported in Media Planet, more than half of small businesses have had their data compromised. According to StaySafeOnline.org, these attacks, targeting small to midsize companies, now make up over 70 percent of all data breaches. What’s worse, this digital onslaught shows no sign of slowing. In fact, ransomware attacks alone have increased 250% since 2016, accompanied by higher rates of malware, phishing, and other forms of cybercrime.


How the Scam Works


Below is a scenario based on something that happened to a local Edmonton company, and hopefully by the end of reading this, you will have a better idea of what to do to avoid getting scammed.


1. The Bluth Company’s accounting department gets an email from michael@b1uth.com that goes something like this:

“From: Michael Bluth [mailto:michael@b1uth.com]
Sent: Monday, May 02, 2016 4:53 PM
To: Katherine Sanchez <katherine@bluth.com>
Subject: Bluth Company Invoice

Katherine, can you take care of an outgoing wire transfer payment for an invoice today?

Email me, I’m too busy now.

Michael Bluth
President & CEO
Bluth Company

[Some footer details about who should get this and so on]”


2. Katherine, the great accounting person that she is, responds with something like:

“Hi, Michael,

I can help you with that. I just need the following details…


Katherine
Accounting Enthusiast
Bluth Company”


3. Now that the fraudsters have someone that can help them, they just give Katherine the details for the transfer and they get paid for all of their hard work.


Now that you know how it works, see if you can spot the suspicious detail in the email. It’s extremely hard to catch, and some people don’t even know how to reveal the info needed to detect this scam.

If you look closely you can see the domain that was used was not bluth.com. Take a look at the email address this message was sent from.


Fake email address: michael@b1uth.com
Correct email address: michael@bluth.com


You can see that in the fake email the “L” is actually the number “1”.

[email image pointing out domain]

In some cases, even the email address can be spoofed to show the CEO’s actual email.


So that is a breakdown of how this specific fraud works. The fraudsters rely on the accounting person being overworked and replying to their email. Instead of reaching the CEO, the accounting person’s reply goes to the fraudster, and it goes from there.


Two Simple Fixes


Unfortunately, these scams are difficult to block with anti-spam services. The reason is that they are unique emails targeted at specific email addresses, which makes them look legit. Fortunately, there are 2 things you can do to spot these fake emails.

1. Verify the “From” Email Address

Once you know what you’re looking for (a fake “from” email address), it’s easy to spot a suspicious email. The challenge some people face, though, is how to find that info in the header of the email. For Outlook 2007, 2010, and 2013, all you have to do is follow these steps:

  1. Start Outlook
  2. Double-click the message for which you want to view full internet headers.
  3. Click “Options” for 2007 and “Tags” for 2010 and 2013.
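
The same check can be automated on the mail server or in a triage script. The following is an added example, not part of the original article: it flags sender domains that imitate a trusted domain, such as b1uth.com for bluth.com. The trusted-domain list, the character map and the sample headers are assumptions, and the Reply-To check goes beyond the scenario above to cover the spoofed-From case, assuming replies are redirected through that header.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumption: your organisation's real mail domains (bluth.com is the page's example).
TRUSTED_DOMAINS = {"bluth.com"}
# Digits commonly substituted for look-alike letters, as in b1uth.com.
LOOKALIKES = str.maketrans({"1": "l", "0": "o", "5": "s", "3": "e"})

def skeleton(domain):
    """Collapse look-alike characters so b1uth.com and bluth.com compare equal."""
    return domain.lower().translate(LOOKALIKES).replace("rn", "m")

def edit_distance(a, b):
    """Levenshtein distance, to catch one-character additions or typos."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_domain(domain):
    """Return 'trusted', 'lookalike' (hold and verify) or 'external'."""
    domain = domain.lower()
    if domain in TRUSTED_DOMAINS:
        return "trusted"
    for good in TRUSTED_DOMAINS:
        if skeleton(domain) == skeleton(good) or edit_distance(domain, good) <= 1:
            return "lookalike"
    return "external"

def check_message(raw):
    """Classify the From domain and, if present, the Reply-To domain."""
    msg = message_from_string(raw)
    result = {}
    for header, key in (("From", "from"), ("Reply-To", "reply_to")):
        value = msg.get(header)
        addr = parseaddr(value)[1] if value else ""
        result[key] = classify_domain(addr.rpartition("@")[2]) if addr else None
    return result

# Constructed sample headers modelled on the scenario above.
LOOKALIKE_MAIL = ("From: Michael Bluth <michael@b1uth.com>\n"
                  "To: Katherine Sanchez <katherine@bluth.com>\n"
                  "Subject: Bluth Company Invoice\n\nEmail me, I'm too busy now.\n")
SPOOFED_MAIL = ("From: Michael Bluth <michael@bluth.com>\n"
                "Reply-To: michael@b1uth.com\n"
                "Subject: Bluth Company Invoice\n\nEmail me, I'm too busy now.\n")

if __name__ == "__main__":
    print(check_message(LOOKALIKE_MAIL))
    print(check_message(SPOOFED_MAIL))
```

A "lookalike" result on either header is a reason to hold the message and verify the request by another channel before acting on it.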


2. Two-Factor Authentication

The second method to stop these fraudulent emails is the same way the Edmonton business found out something was off with their email. Their accounting person noticed that the email seemed a bit off and double-checked with the CEO over the phone. He knew he didn’t send the email and was able to stop the wire transfer before it was sent.

It is important to note that the accounting person was able to call the CEO. If she had replied to the email to ask for verification, the scammer would have verified the request and she would most likely have sent the wire transfer.

Hopefully, these tips will help your email be a bit safer.    


© Copyright 2022 NIRIX Inc.