CEO Fraud Phishing Attack – Can You Trust Your Emails?

Defend against CEO impersonation or CEO fraud phishing attacks with MailSafi.

To learn more about how we can protect your organization against CEO fraud and other email security threats, contact us today to schedule a meeting or demo

Many companies have been defrauded and lost millions due to CEO
fraud attack, we will explain how it happens and how to protect your
company against it.

CEO Fraud Attack – A Growing High-Risk Phishing Attack

CEO fraud has seen a sharp rise in the past year especially because of the coronavirus pandemic.

CEO fraud attack (sometimes referred to as Business Executive Compromise or BEC) is an email-based phishing attack where hackers impersonate senior company executives such as CEOs, COOs, and other senior executives with an aim of defrauding the company or accessing sensitive business data such as credit card details, etc.

The CEO’s official email account is either hacked or spoofed by cybercriminals to trick an employee, usually in the finance or HR department, into fraudulently transferring funds to the criminal or divulging confidential information about staff.

There is a risk that an employee in the finance department who receives an email from the CEO to make urgent payment will feel under pressure and may even skip usual internal company procedures to execute the payment.

CEO fraud typically uses spear-phishing, whaling and social engineering techniques to trick users into transferring money to a fraudulent account or divulging sensitive information.

How CEO Fraud Phishing Attack Works

1. An attacker identifies a specific target (or targets) within an organization. He/She attempts to compromise his email account over a period of time using various methods such as:

System intrusion techniques such as bruteforce or dictionary attacks, password spraying, etc.

Phishing emails containing malicious URL links that are intended to capture passwords.

Phishing emails containing keyloggers that download themselves once clicked on

Other social engineering methods.

2. Once the cybercriminal has the credentials to access the victim’s account, he is able to use these credentials to access the email account of the victim and read old email threads. He uses this opportunity to study the email communications the victim has been having with other users.

3. The hacker then sends a message from the CEOs mailbox to someone in the finance department asking them to urgently initiate a wire transfer or similar payment to a vendor, providing bank account details for the attacker.

4. CEO fraud phishing scams often target businesses working with foreign suppliers and companies that regularly perform online fund transfers.

CEO fraud phishing attacks often rely on different techniques to execute this fraud. The main ones are:

Spear Phishing: a more focused form of phishing to target one person or small group of individuals when sending out phishing emails. Spear phishing emails are very personalized and therefore more difficult for the recipient to suspect.

Executive whaling: Cyber attackers target c-suite executives to defraud the company.

BEC/EAC: Sending an email from a compromised official email account of a senior employee, or

Spoofing: Sending an email impersonating a senior employee with an email address at a fake domain that looks very similar to a legitimate domain.

Social engineering: using psychological manipulation to trick people into divulging confidential information or releasing funds to fraudulent recipients. Social engineering may include getting information from social media sites like Facebook, Twitter, LinkedIn, etc., which may have a lot of information about individuals including where they work and their job titles/roles.

Prevent CEO Fraud with MailSafi Email Security Service

Millions of dollars are being lost to CEO fraud phishing campaigns each year. Businesses need antiphishing solutions that can protect employees, executives and organizations from falling prey to these attacks.

MailSafi provides cloud based email hosting, email security and advanced spam protection service that includes antiphishing software to protect against CEO fraud phishing attacks. Below are some ways MailSafi cloud email service and email security solution can help you to identify, block and mitigate against the impact of successful attacks from CEO fraud phishing emails:

MailSafi Email & Collaboration (cloud email hosting solution):

- Supports two-factor authentication (2FA) and application-specific passwords – both of which help a great deal in preventing email account compromise.

- Helps to enforce the use of strong passwords on its platform. This makes it more difficult for hackers to compromise CEO or other users’ email accounts via hacking methods like bruteforce or dictionary attacks and password spraying.

- All our cloud email hosting solutions come with our full suite of MailSafi Email Security – which has antiphishing software (see details below).

- Limit devices and locations access of mailboxes

- Implements monitoring, intrusion detection & prevention systems to pick such incidences and take action before they happen

Check here Business Email Hosting for more information on MailSafi Cloud Email Hosting and Collaboration plans

MailSafi Email Security service provides instant spam protection and comprehensive protection against CEO fraud and impersonation attacks in the following ways:

- Automatically scans all inbound and outbound email to detect and block malicious attachments and links and quarantine these emails before they end up in users’ mailboxes. This will minimize the risk of installation of keyloggers which a hacker will use to capture your passwords and other forms of malware.

- Performs incoming email traffic analysis and filtering; analyzes source header and content of email and domain to ascertain and protect against spoofing/identity theft.

- Inspection of character sets to detect similarities that would ordinarily not be visible to the human eye.

- Deploying domain validation and email authentication mechanisms - SPF, DKIM and DMARC to minimize the risk that scam emails will end up in users’ mailboxes. This will protect client domains and email against identity theft and spoofing.

- Blocking all attempts to send unauthorized emails from your trusted domains.

- We help in reporting on look-a-like domain registrations to prevent attacks where the cyber criminals will target and exploit third parties like suppliers and well-known brands.

Check here Email Security for more information on MailSafi email security and spam protection

Cybersecurity Awareness Training for Staff

MailSafi’s Cybersecurity Awareness Training program helps staff to understand how to identify and deal with phishing, spoofing, malware emails and other cyberattacks they may encounter online. While this training might not directly prevent CEO fraud attack campaigns that are at an advanced stage i.e., the cyber attacker is sending emails directly from the CEOs mailbox, it will help staff spot phishing and spoofing attacks that could aid or lead to business executive compromise/email account compromise.

This knowledge and skill is vital in the organization’s fight against spam.

An Easy-to-Install and Easy-to-Manage Email Security Solution to Stop CEO Fraud Phishing Attack

No additional hardware or software is required

Easy-to-use spam quarantine interface

immediate protection

To learn more about how we can protect your organization against CEO fraud attack and other email security threats, contact us today to schedule a meeting or demo

free 30 day trial

schedule demo

get a quote

contact sales