Hackers Impersonating CEOs In Wire Fraud Attempts

Local businesses are being targeted by a new category of phishing attacks called BEC (Business Email Compromise) or CEO scams. According to the FBI, total losses from BEC scams are over 1.2 billion dollars. BEC scammers impersonate CEOs by sending emails to business associates (such as attorneys, accountants, partners, and assistants) asking them to authorize a wire transfer. A few things set these BEC scams apart from the e-mail fraud we are used to:

  • The request for a wire transfer is usually very specific and well-written — customized for the particular target
  • Details about the targeted business and its employees from LinkedIn, Facebook, and other public websites are integrated into the email to make it seem more legitimate
  • Sometimes fake domain names that are very similar to real domain names are registered as part of the scam, so that the attacker can send and receive email while pretending to be someone else. For instance, if your real business domain name was abccompany.com, the hackers might register abcccompany.com so they could send and receive messages from an address that looks extremely similar to your real email address
  • Sometimes the hackers also look for publicly posted emails from you, or trick someone at your firm into sending an email, so they can see your standard signature and style of email. The fake email they craft can then carry your real salutations and signatures.
  • In some cases they may use stolen passwords to actually gain access to an email account if possible
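One way to flag the look-alike domains described above on incoming mail, as an added example that is not part of the original article. It compares the From and Reply-To domains against the article's example domain abccompany.com; the distance threshold, function names and sample messages are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses

TRUSTED_DOMAINS = {"abccompany.com"}  # the article's example of a real domain
MAX_DISTANCE = 2                      # assumed threshold for "very similar"

def edit_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # swapped neighbours
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def domain_verdict(domain):
    """Classify a domain as trusted, lookalike or external."""
    domain = domain.lower().rstrip(".")
    if domain in TRUSTED_DOMAINS:
        return "trusted"
    if any(edit_distance(domain, t) <= MAX_DISTANCE for t in TRUSTED_DOMAINS):
        return "lookalike"
    return "external"

def check_message(raw):
    """Return (header, domain, verdict) for each From / Reply-To address."""
    msg = message_from_string(raw)
    findings = []
    for header in ("From", "Reply-To"):
        for _name, addr in getaddresses(msg.get_all(header, [])):
            if "@" in addr:
                domain = addr.rpartition("@")[2].lower()
                findings.append((header, domain, domain_verdict(domain)))
    return findings

# Constructed sample messages (not real mail).
SAMPLES = [
    'From: "Pat Example" <pat@abccompany.com>\nSubject: Lunch\n\nSee you at noon.',
    'From: "Pat Example" <pat@abcccompany.com>\nSubject: Wire today\n\nPlease send.',
    "From: pat@abccompany.com\nReply-To: pat@abccompnay.com\nSubject: Wire\n\nUrgent.",
    "From: news@example.org\nSubject: Newsletter\n\nHello.",
]

if __name__ == "__main__":
    for raw in SAMPLES:
        print(check_message(raw))
```

The third sample shows why Reply-To is checked as well: the From address is the real domain, but replies would go to a near-identical one. This check compares plain ASCII spelling only and does not catch look-alikes built from visually similar non-ASCII characters.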

 

According to the FBI’s Internet Crime Complaint Center statistics, the average loss from successful BEC scams is around $100,000.  There are a few things you can do to protect your business:

 

  • Training, training, training.  The #1 most important step for security is to make sure your employees understand the risks and take them seriously.
  • Make sure your accountants and associates know not to authorize any wire transactions based only on e-mail
  • Use strong passwords and never re-use your corporate password for other sites
  • Remember never to click on unfamiliar or suspicious links or attachments in email

 

About Direct iT

Direct iT, Inc. is a New England based IT services firm offering products and services for small businesses in Greater Boston, New Hampshire, Rhode Island, and the rest of New England. Cloud, compliance, and document management services are also available worldwide. Many of our customers are along the Route 128 technology corridor.

Direct iT, Inc. Main Offices

39 Emerson Rd. Suite 215
Waltham, MA 02451
Sales: 781-890-4400
Support: 781-890-1907
sales@directitcorp.com