CEO FRAUD: How Assent Tackled a Phishing Attempt!
CEO Fraud is a phishing technique where fraudsters impersonate authority figures to request payments or data from individuals within the company. The fraudster’s aim is to get the target to make a payment straight to them.
On 18th January, we received a suspicious email supposedly from our Director. Our Director just happens to also be our lead ISO 27001 Consultant, and this is where it gets quite ironic!
The email in our inbox read
From: Mr.Blogs <[email protected]>
Date: Thursday, 18 January 2018 at 09:29
To: Miss.XXXXX
Subject: Request for Payment for 18th of January, 2018.
Morning XXXXX,
Are you available? I need you to make a Chaps/Faster Payment transfer today? what details will you need to process this? Kindly send me a reply as soon as you can.
Regards,
Mr. Blogs
Sent from my iPhone.
As you can see the email seems very realistic. How did the members of staff know that this wasn’t our Director, and that it was indeed a scam?
Things to look out for:
- The address the email was sent from didn’t match the Director’s.
- We noticed that there were spelling and grammar mistakes in the email, including a misplaced question mark and the underuse of a Capital letter at the beginning of a sentence.
- Within our company we use signatures at the end of our emails and we don’t tend to send emails from our iPhones – something which this email had stated on it.
- None of our employees can approve financial transactions over email.
It can be challenging to identify CEO Fraud attempts, but with the right security training for all of your staff, it should be easy to classify. Luckily for small companies, phishing attempts stick out, however in larger firms it can be difficult and therefore, in some cases the phishing attempt is successful; the employees pay the scammers.
How did we respond?
We immediately alerted our Director and an all staff email was sent out.
Realising it was a fraud attempt the sender was quickly blocked.
Need more Information on Cyber Security?
Take a look at our Cyber Security portal and our ISO 27001 page for more information on information security. Can’t find the answer to our question? Contact Us!