CEO fraud is a type of cyberattack in which the attacker impersonates a CEO or other executive. Attackers most often use the CEO’s own email account, or an email address that looks very similar to the CEO’s, to trick a targeted employee into sending them sensitive information or money.
Like other types of Business Email Compromise (BEC) attacks, CEO fraud attacks are very difficult for employees and legacy solutions to catch.
However, there are ways to prevent these attacks. The best plan is to combine training, cybersecurity policies, and technology.
Raise employee awareness.
Security is everyone’s responsibility. This means everyone, regardless of department or role, must understand how CEO fraud is carried out; use real-world examples to point out the common red flags.
It is also important to point out the absence of spelling errors. Poor spelling used to be a reliable phishing indicator, but attackers now pay far more attention to detail. They do a better job of luring their victims and hiding their tracks, so they are unlikely to make spelling or grammar mistakes.
You may also notice personal touches. Attackers go to great lengths to research their targets, either through hacking or simply by using publicly available information.
The following persuasive elements should always make you take a closer look.
The sender’s email address
Domain impersonation is a common tactic for CEO fraudsters. They use a domain name that is very similar to the real one. For instance, if the original is rsmbank.com, they will use rsnbank.com to create confusion. A single changed letter is even harder to spot on a mobile screen, which increases their success rate.
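A defender-side check for the rsmbank.com / rsnbank.com case described above, as an added example that is not part of the original article: it normalises common look-alike character swaps and flags sender domains within one edit of the corporate domain, on a different TLD, or embedding the brand. The corporate domain and sender addresses are constructed sample data.

```python
import re

# Constructed sample corporate domain (the page's example), not a real customer value.
CORPORATE_DOMAIN = "rsmbank.com"

# Character sequences that look alike on screen; both sides are folded the same way.
CONFUSABLES = {"rn": "m", "vv": "w", "cl": "d", "0": "o", "1": "l"}


def fold(s: str) -> str:
    """Replace visually confusable sequences so 'rsrnbank' compares equal to 'rsmbank'."""
    for look_alike, canonical in CONFUSABLES.items():
        s = s.replace(look_alike, canonical)
    return s


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: minimum single-character insertions, deletions or substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def sender_domain(address: str) -> str:
    """Extract the domain from 'Name <user@domain>' or 'user@domain', lower-cased."""
    m = re.search(r"@([^>\s]+)", address)
    return m.group(1).lower() if m else ""


def classify_sender(address: str, corporate: str = CORPORATE_DOMAIN, max_edits: int = 1) -> str:
    """Return 'internal', 'lookalike' (needs human review) or 'external'."""
    domain = sender_domain(address)
    if not domain:
        return "external"
    if domain == corporate:
        return "internal"
    ours, theirs = fold(corporate), fold(domain)
    our_label, their_label = ours.split(".")[0], theirs.split(".")[0]
    # Same brand on another TLD, brand embedded in a longer label, or a one-letter change.
    if our_label == their_label or our_label in their_label:
        return "lookalike"
    if edit_distance(our_label, their_label) <= max_edits:
        return "lookalike"
    return "external"


if __name__ == "__main__":
    for addr in ("ceo@rsmbank.com", "CEO <ceo@rsnbank.com>", "ceo@rsrnbank.com", "partner@example.org"):
        print(f"{addr:28} -> {classify_sender(addr)}")
```

A mail gateway rule or a SIEM query can apply the same test to the From header and route anything classified as "lookalike" to a quarantine or review queue rather than the inbox.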
The sense of urgency
The subject line, the meeting that is supposedly in progress, the overdue invoice: creating a sense of urgency is the general rule in social engineering attacks. Panicked people almost always make poor decisions.
The authoritative tone
Expressions like “please send/pay immediately” are commonly used. There is a reason attackers prefer to impersonate CEOs: they are in a position of power, and people tend to do what they say without checking first.
Playing on the target’s trust
“I am counting on you”. Everyone wants to be chosen to do a favor for a manager, director, etc.
Check the sender’s email address for inconsistencies and remember that corporate email addresses can also be hacked or spoofed.
Take a step back and think: is this really something the CEO is likely to request so urgently?
These are important lessons for your staff, but they only stick if training is repeated regularly. Educating employees on how to recognize CEO fraud, and what to do when they detect an attempt, is therefore crucial.
Humans are often led by emotions, and they are not good at spotting the small clues that might reveal a fraudulent email. Sometimes, even security specialists can’t.
Implement cybersecurity best practices.
Beyond staff training, every thriving organization takes an all-round approach to cybersecurity that minimizes the risk of a serious impact from an attack.
Here are a few important security measures that will help protect company data from CEO fraud:
Create a system where employees can easily verify wire transfers, especially the large ones, ideally via phone.
Register domains that resemble your company’s brand name to prevent domain impersonation.
Protect all corporate email accounts and devices using multi-factor authentication (MFA).
Regularly test and patch all your software.
Ensure employees maintain strong passwords and change them frequently.
Closely monitor corporate financial accounts for any irregularities such as missing deposits, external payments, etc.
Deploy an email security solution.
All of the above are important cybersecurity controls, but let’s take a closer look at the final suggestion: email security solutions.
Deploy an intelligent email security solution.
Because CEO fraud attacks usually take place via email (about 90% of all phishing attacks follow this model), deploying email security software is one of the most effective steps you can take to prevent this type of cybercrime.
Our solution provides real-time protection against social engineering attacks like whaling, CEO frauds, or W-2 frauds. Contact us today for more relevant information.