In CEO fraud, fraudsters try to impersonate a representative of a company’s executive by email and make account transfers. The address of the email sender may look like the same as, for instance, that of the company’s CEO but the sender’s address has actually been falsified.
The messages are short, trying to create an impression that payment must be made without delay. Before requesting money transfers, the messages may also enquire about your bank account balance. The payment request may also include a fake invoice. Usual payment subjects include website redesign or consulting charges.
There have again been bogus invoices where, for example, fraudsters have hacked into the email of a company’s customer or partner and have falsified another account number in the authentic invoice.
Example of phishing (English version):
“Hi,
Can we today make an EU payment of xxxxx.xx euros?
Best regards,
XX”
Give instructions to your personnel in advance!
- Educate your employees and advise them to be very accurate in making payments.
- Talk through any situations related to CEO fraud and prepare for it. It is also advisable to examine the company’s contractual partners inhouse so that the employees know with whom they are doing business. Also agree on who is the one in your company accepting new agreements and orders.
- If any of your staff member receives a weird email message from your company’s management requesting to transfer money or disclose information, tell them that the information and the legitimacy of the request will be verified by making a phone call. The information must be verified by other means than by the contact information shown in the phishing email message.
- If the recipient of the phishing email message, for example, asked the sender a more specific reason for the payment, no answers will usually be got to such enquiries.
- If an employee receives an email message that seems weird, it is advisable to click on reply just to test it. In many cases, the phishing email message sender has been managed to be edited and the recipient’s address also looks correct but when you try to reply to the message, you will find a gmail or hotmail ending, for example. However, you should never reply to phishing email.
- Do not agree on anything over the phone if you are not sure with whom you are talking. Ask for more information by email in writing.
- If a known originator’s account number changes suddenly, it is recommended to make sure the state of affairs by phone.
- What to do if fraud or attempted fraud has occurred:
- If the fraudster succeeds in the attempt for a money transfer, immediately call the bank
- 010 252 7700 (Mon–Fri 8 am–6 pm) or
- 0100 05151 (Mon–Fri 8 am–10 pm)
- Contact your payment services manager even if the fraud only remains an attempt!
- If fraudsters have registered a domain that violates your company’s trademark, report it to the Finnish Communications Regulatory Authority, cert(at)ficora.fi
- File a request for investigation with the local police.
- Forward the phishing email message you have received to tietoturvailmoitukset(a)op.fi