Forex Fraud: How to Detect It & Avoid Different Scam Methods

by Gergo Varga
According to a worldwide survey, 65% of organizations experience at least one spear-phishing attack every year and one increasingly popular method is known as the CEO scam or CEO fraud.
Let’s take a closer look at what this entails and how you can help your employees – and yourself – to prevent it.
In simple words, CEO fraud is a social engineering attack where a criminal pretends to be a company’s CEO and approaches employees in an attempt to gain money, information or access to its systems.
In fact, it doesn’t even have to be the CEO in particular. Any member of upper management in a company is fair game to these fraudsters – the CFO, for example, or the COO.
What makes it a social engineering attack is the fact the fraudster assumes the identity of a person of authority that the victim would do their best not to disappoint or even question – and this is exactly why it can be so effective.
Because it usually targets specific individual employees, having gathered some information about them, CEO fraud is also said to constitute a type of spear-phishing attack. We should note, however, that some would clarify it’s technically only spear phishing when conducted via phishing means.
No matter the individual parameters though, at the heart of it, a CEO scam is whenever someone takes on the identity of a high-ranking official in a company so they can more easily access funds, data, or physical premises.
CEO fraud is a niche type of attack, but it is becoming increasingly common around the world.
What’s more, new remote and hybrid working arrangements mean less physical proximity between employees and can result in fewer and fewer employees having any interaction with upper management – which creates more fertile ground for CEO-type fraud.
UK Finance is one of the organizations that have been tracking the frequency of this type of attack in recent years. Just in the UK, there were 603 CEO scam incidents in 2018, 676 in 2019, 837 in 2020, and 207 in the first half of 2021.
Their findings are also indicative of how much companies can lose from successful attacks, as well as how difficult it is to recover the money.
For example, 2020 saw UK companies lose £10.4/$14.06 million to CEO fraud. And the victims of these 837 separate incidents were only able to recover 37.5% of the funds that were stolen – £3.9/$5.27 million.
Meanwhile, according to an FBI public service announcement, business email compromise attacks, including some CEO fraud attacks, were a $5.3 billion business in 2017 – a figure expected to have risen.
The mechanisms of CEO fraud always involve convincing a company’s employees that the fraudster is “the boss” – the CEO or someone equally high ranking. There are various ways to try to do so.
The fraudster will also attempt to create a sense of urgency, so that the victim doesn’t have time to stop and think, double-check with other team members, look up the CEO’s actual email, and so on.
Usually, the message from the fake CEO will be accompanied by a request for a cash transfer out of the company’s accounts to a supposedly new account the employee isn’t familiar with, but they can also ask for sensitive information, company secrets, passwords, or even physical access to the premises.
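The red flags described above (a sender claiming to be an executive, an address or domain that does not match the company's, urgency, and a request for a payment or credentials) can be turned into a simple screening heuristic. The following is an added example and not SEON's product code; the executive names, the `example.com` domain, the phrase lists and the two sample messages are all constructed for the illustration, and the weights are arbitrary starting points a mail-security team would tune against its own traffic.

```python
"""Heuristic screen for CEO-fraud style emails (added illustration).

Not SEON's product code. The executive list, company domain, phrase lists
and the two sample messages below are constructed for this example.
"""
from email import message_from_string
from email.utils import parseaddr

COMPANY_DOMAIN = "example.com"            # assumed: the organisation's own mail domain
EXECUTIVES = {"tamas kadar", "jane doe"}  # assumed: names fraudsters may impersonate

# Phrase lists are constructed; a real deployment would tune them.
URGENCY = ("right away", "right now", "immediately", "urgent", "asap",
           "threatening to leave")
PAYMENT = ("transfer", "invoice", "gift card", "new account", "wire", "payment")
SECRETS = ("password", "credentials", "login details")


def _domain(addr: str) -> str:
    """Return the lower-cased domain part of an address, or '' if none."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def assess_message(raw: str) -> dict:
    """Score one RFC 822 message and explain every point awarded."""
    msg = message_from_string(raw)
    display, sender = parseaddr(msg.get("From", ""))
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    body = (msg.get_payload() or "").lower()

    reasons, score = [], 0
    claims_exec = display.strip().lower() in EXECUTIVES
    if claims_exec:
        reasons.append(f"display name matches executive '{display}'")
        score += 1
        # An executive's name on a message from outside the company domain
        # is the classic look-alike / free-mail impersonation pattern.
        if _domain(sender) != COMPANY_DOMAIN:
            reasons.append(f"but sender domain is {_domain(sender)!r}")
            score += 2
    # A Reply-To that diverts answers to a different domain is a common way
    # to keep the conversation away from the real mailbox.
    if reply_to and _domain(reply_to) != _domain(sender):
        reasons.append("Reply-To points to a different domain than From")
        score += 2
    for label, phrases, weight in (("urgency", URGENCY, 1),
                                   ("payment", PAYMENT, 2),
                                   ("credentials", SECRETS, 1)):
        hits = [p for p in phrases if p in body]
        if hits:
            reasons.append(f"{label} language: {', '.join(hits)}")
            score += weight

    if claims_exec and score >= 4:
        verdict = "likely CEO fraud - verify out of band before acting"
    elif score >= 3:
        verdict = "suspicious"
    else:
        verdict = "no red flags"
    return {"score": score, "verdict": verdict, "reasons": reasons}


# Constructed sample modelled on the supplier-invoice pretext: executive
# display name, free-mail sender, diverted Reply-To, urgency and a transfer
# to a "new" account.
SCAM = """From: Tamas Kadar <tamas.kadar@example-mail.net>
Reply-To: tamas.kadar@other-mail.org
To: paula@example.com
Subject: Westgate invoices

Hi Paula,
I'm in a meeting with our supplier Westgate and they're saying we're late with
a couple of invoices. They're threatening to leave us.
Please make the transfer now. Their new account is [account placeholder].
They need to see the payment right away.
"""

# Constructed benign message from the real internal address with no pressure.
BENIGN = """From: Tamas Kadar <tamas.kadar@example.com>
To: paula@example.com
Subject: Q3 deck

Hi Paula,
Could you have a look at the Q3 deck when you get a chance and send me your comments?
"""

if __name__ == "__main__":
    for name, raw in (("scam", SCAM), ("benign", BENIGN)):
        result = assess_message(raw)
        print(f"{name}: score={result['score']} -> {result['verdict']}")
        for reason in result["reasons"]:
            print("   -", reason)
```

The point of returning the reasons alongside the score is that the employee or the security team sees exactly which of the red flags fired, which is what makes the "stop and verify through a known channel" step actionable rather than a vague warning.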
Depending on how it is conducted, CEO fraud can be more or less risky for the attacker.
Tricks and technology employed by bad actors in conducting CEO fraud include:
Let’s look now at different modes of attack by fraudsters conducting CEO scams.
In December 2021, one of SEON’s own employees was approached by a scammer impersonating SEON’s CEO, Tamas Kadar!
A SEON employee received an SMS message from a new number. It claimed to be from Tamas.
When the employee responded, the scammer asked him to buy some gift cards and send him the codes “for a presentation” “at a conference” where he claimed to be.
If our team member had done this, the scammer would have defrauded him through gift cards – which are much more difficult to both track and recover compared to a regular credit or debit card.
But he could smell a rat…
He alerted the team and we even used our SEON phone lookup to find out the name of the scammer who owns this number.
Tamas also sent a brief heads-up to the team!
Fraudsters, we applaud your ambition but did you really think a fraud-fighting company would ever fall for your CEO scam?!
2. Scammer sends an email to a low-ranking employee with access to finance. It reads:
“Hi Paula,
I’m in a meeting with our supplier Westgate and they’re saying we’re very late with a couple of invoices from two months ago?? Why did this happen? They’re one of our best clients! They’re irate.
I said we were experiencing software problems but they’re not happy at all. They’re threatening to leave us. Please, if you’re still at the office make the transfer now and I’ll look into what happened first thing Monday. They need to see the payment right away so I can calm them down.
Their new account is XXXXXXX. Thank you Paula you’re a lifesaver! I won’t forget this!”
The above are very typical examples that involve some of the most common aspects of CEO fraud:
However, we should note that it doesn’t always look like this. There are different techniques out there, and fraudsters are always trying out new methods too.
For instance, they might manage to get actual access to the CEO’s email inbox and might contact you from there, or they may even use a deepfake of the CEO’s voice to become even more convincing.
One more real world example is French cinema company Pathé, which lost a reported $21 million to CEO fraud in 2018. The Managing Director and CFO were also fired over the ensuing scandal.
In most cases, businesses are not obliged to disclose this information and prefer to keep it quiet so as not to appear untrustworthy or attract even more scammers. It is therefore important to stay vigilant, use the right tools, and train employees in how to deal with these attacks.
Efficient CEO fraud prevention and mitigation require the combined efforts of both employees and the cybersecurity/IT department. Let’s look at staff training and software separately.
As with all social engineering and social engineering-adjacent attacks, it is also important to train the staff, who are your best line of defense. If no employee will fall for it, the CEO fraud attack will always fail.
As they say, you are only as strong as your weakest link – and here that link is your less careful and/or less knowledgeable employee.
Commonly cited rules of thumb include:
Business email compromise (BEC), also known as email account compromise (EAC): the terms BEC scam and EAC scam are often used interchangeably with CEO fraud, although technically there can be some small differences. BEC is also the FBI’s preferred terminology, so you’ll see it often.
It certainly is still a popular means of attack against companies, their funds and their internal data. With new fraud technology, CEO scam methods evolve, but the central idea and goals are similar.
Most often, money – in the form of wire transfers, gift cards or even company credit card information. But they might also be trying to get business intel to sell to competitors, or access to your IT systems in order to conduct other schemes.
SEON’s data enrichment module can be set to look up email addresses and phone numbers automatically. Employees can also conduct searches manually. Meanwhile, our fingerprinting, IP and other modes of analysis will also help catch fraudsters pretending to be upper management.
Book a call with one of our customer support team members so we can talk about addressing your particular concerns.
Gergo Varga is SEON’s Product Evangelist. With more than 10+ years of experience in the Hungarian and international risk management sphere, he has developed an astute knowledge of RiskOps and Open Source Intelligence. He is the author of SEON’s Fraud Prevention for Dummies guide.