Cyber-attacks on SMEs have increased steadily in recent years. With criminals constantly devising new ways to steal information and money, one of the newest emerging threats is Business Email Compromise, also known as CEO or Chairman Fraud. The most frequent targets of this scam, small and medium-sized businesses, can lose huge sums because of one spurious email.
A fraudster emails a company's payments team, impersonating a contractor, supplier, creditor or even someone in senior management. The email might appear to be from the CEO, asking that an urgent payment be made, or from a supplier, requesting that future payments go to a new account. Often it instructs the recipient not to discuss the matter with anyone else.
Since the sender's email closely matches a known address, this type of fraud often goes unnoticed until too late. Cybercriminals may even hack into a real email account - from which fraudulent communications are hard to identify.
US based business: $400,000 loss
The payments team received an email from the CEO, asking that payments be set up for new beneficiaries. A member of the team created and authorized the payments. By the time the team realized that the requester's email address did not exactly match the CEO's, it was two days later and the perpetrator had stolen nearly $400,000.
Global commodity trading platform provider: $1,221,852 loss
An employee received an email from the CEO, requesting a new payment. This was authorized and made by two other staff members, the first employee even confirming with the CEO that the payment was legitimate. It was later discovered that the CEO's email had been compromised, and that the CEO and employee had been talking about two different payments. The company lost $1,221,852.
877 472 2249
We're here Mon-Fri 8:00AM to 9:00PM ET and Sat 8:00AM to 4:30PM ET