C-level fraud or when you are asked to make this money transfer asap! A look at common forms of cyber fraud
Payment Fraud Prevention, Cash Management, Payments and Financing
This or similar might be the start of an email that brings us directly into one of fastest growing forms of cyber fraud, namely CEO fraud.
This or similar might be the start of an email that brings us directly into one of fastest growing forms of cyber fraud, namely CEO fraud. Did you know that according to PwC’s Global Economic Crime Survey 2016 one-third of companies have become victims of cybercrime? Let’s say our blog posts attract on average about 1000 readers. This means if we only look at our readers, we can assume that more than 300, every third of you have been touched by cybercrime in one way or another. Remember when you started university, way or not so way back? And your professor opened the first lecture with the friendly words to look to your left and right because those people wouldn’t be there when you’d be done studying. We could say the same about cybercrime. Look to your left and right; those companies have inadvertently experienced cybercrime in some shape or form. But in what form does this cybercrime manifest itself? What do you think is the biggest security risk for companies when it comes to financial cybercrime? Is it getting hacked? No, the danger lies, as so often, much more on the human side of things. The biggest security risk is actually when C-level executives handle manual payments.
The practicalities of C-level fraud
But how does this C-level fraud actually work? Typically criminals use the authority of the CEO or rather the power of his name. This is why it’s also often referred to as CEO fraud but don’t just watch out for strange requests from the CEO. These criminals might make use of any C-level name they find online to pass the company’s standard security measures. Imagine one fine day you arrive at the office and you see that you have an email that looks like it comes from your CEO. He asks you to transfer money quickly. You might even try to reach him but we all know, CEOs are busy. Those type of emails are typically sent to people who have authority to make payments and, at least, so the criminals think, those kinds of requests reach them more often than once. And that’s how CEO or director fraud happens. A person in the organization who can authorize payments gets a message from one of the c-level managers to quickly transfer money, and well, then the money is gone. It sounds really simple but if we put ourselves in the position of the person receiving the request we see immediately that it’s a smart strategy. Or would you take a lot of time questioning requests your CEO sends? Hands to the heart, we might even be flattered that it was us who got contacted with this important request.
But how does this work? How do criminals know whom to contact to make us transfer money to them? We publish large volumes of information on social platforms daily, and that makes us incredibly easy to monitor and a prone victim for cyber-attacks or ‘whaling’ as it’s also called. Add to this overexposing of personal information and advanced surveillance software which enable fraudsters to trace email addresses of potential victims, and you have the breeding ground for flourishing cyber fraud.
In the next blog post we will explore some concrete actions that everyone can take to protect their organizations from such attempts at CEO fraud.
Karl-Henrik Sundberg is a passionate Cash Management professional with background as a Cash Management Advisor at a large Swedish bank followed by six years as a Cash Management Director at a Treasury department in a global multinational. Educated in Finance but with a "techie" mindset he is often seen speaking to his smartwatch or discussing disruptive Fintech with likeminded.
Read more blog posts about Payment Fraud Prevention
5 concrete tips for preventing payment fraud
15 - 12 - 2017
It is the eleventh hour to start focusing on the safety of your payment process if you want to avoid financial damage. Here are 5 actionable tips for preventing payment fraud.
How Much Revenue are You Losing to Payment Fraud?
30 - 06 - 2017
Payment fraud is an ever increasing part of doing business and though we are all aware that it is occurring, we often do not understand the size and scale of the problem.
Concrete steps for fraud prevention in your organization - Five measures you can take right now
06 - 03 - 2017
The key to fighting of cyber attacks lies within careful combining technological and human measures. It all starts with a strong corporate culture.
Other content you might be interested in:
How to manage fraud and risk in Cash Management
on demandOur third webinar about Risk and Fraud Management in purchase-to-pay and cash management introduces a complete framework for mitigating the risk of fraud and cybercrime.