CEO fraud: How to stay protected against this modern day deception

So, you’re minding your own business working through your day-to-day battle of never-ending emails and sorting through all the stuff you should have finished yesterday. Suddenly, an urgent email drops into your inbox from the boss, asking for an urgent transfer of £8,000 to a designated bank account. It’s not overly unusual: it’s from the boss himself and he has called you by your office nickname. Grrr, another job to do straight away that’s going to push all those other urgent jobs back even further, better get on with it! NO, STOP, have you actually double-checked it’s him?

This could be something called CEO fraud, a modern take on deception specifically designed to trick you into doing something that you think you have permission to do but the real CEO did not action. Once successful, the money is filtered off to other accounts and then the original account is closed down creating such a trail that the chances of getting the money back is extremely low (and in most cases almost impossible).

With so many instances of data theft so much of our data is already available in the cloud. Whilst we may not see the significance of our emails and or texts falling into the wrong hands, it could show someone exactly how you communicate with others. You may “speak” a certain way in your emails, it may appear blunt, cheeky, flirty or very abrupt and to the point, but ultimately it will form a digital footprint of your daily communication that could be emulated to form the next successful targeted attack.

What can you do to ensure you’re not the victim of this skulduggery?

You could have procedures in place to ensure any money transfers are backed up by at least two authorized personnel. It may seem like a pain in the proverbial, but just like most insurance procedures (i.e. backups and antivirus) it could save you thousands.

Make sure you double-check the email address, where it is from and any locations it is going to for intentional spelling errors: it is easy to misdirect you with substituted letters to throw you off the scent. Make a phone call or preferably text them with a cryptic question only he or she would know.

Bear in mind using email to ask the question may not be the best idea in case their account has been compromised. I honestly doubt any senior manager will have a problem with you being careful with their money; after all you are only doing your job!

Also, if this has actually happened to you don’t ignore it – make sure you let someone know. Your tech administrator should know so they can check to see if there has been a wider compromise. Let the CEO know, it may trigger an event reminder for something that happened that could lead to the point in time when the compromise first happened that could also be passed on to the administrator. Most importantly make sure the authorities are aware (in the UK, for example, you can contact Action Fraud on 0300 123 2040 or visit

This and other timely security topics to protect business will be addressed at the Gartner Security & Risk Management Summit in London, UK September 12 – 13, 2016.

You can find more information about ESET @ Gartner summit with up-to-date content on our special web page. Among the attendees will be ESET chief research officer Juraj Malcho and Palo Balaj, head of ESET EMEA business development.

Author , ESET

Follow us

Copyright © 2016 ESET, All Rights Reserved.