You’re sitting at your desk and all of a sudden you get an urgent e-mail from the CEO of your company. Now, if you’re part of a small company, you may or may not recognize immediately if that is a legitimate e-mail. On the other hand, you might worry that if you don’t follow the commands of the e-mail you’re in for big trouble. Despite your deepest worries, don’t automatically fall for it…because chances are you may well have been set up by scam artists trying to bilk your company out of cold hard cash or other resources.
According to the latest statistics, “fake CEO” e-mails have cost companies an estimated $5.3-billion over the last three years alone. Sadly, the crime is also on the uptick because of employee naivete. According to the Canadian version of the Better Business Bureau, the fake CEO fraud stems from people gaining access to high-ranking executive e-mail accounts, creation of a similar address and then begin launching attempts towards targeted employees who are in a financial position and have the authority to move large sums of money.
By sending highly realistic-looking email messages to such employees with access to funds, and demanding urgent wire transfers for supposed legitimate business reasons, the fear factor produces results an alarming number of times.
To add to the realism, transfer requests are often made while the actual CEO or other high-ranking official is off-shore, traveling abroad, making them more difficult to reach for some form of easy verification.
The fake CEO scam has achieved successful fraud ranging from thousands of dollars to even millions in some cases and the issue has become a growing threat on a global scale for businesses of all sizes.
Authorities offer several tips to help keep thieves like this from impacting your company:
- Make certain all computer systems are secure, keeping antivirus software up to date and encourage the use of strong passwords by all users…
- Double-check with executives who send requests for wire transfers via e-mail, when when they appear to be real, but avoid replying directly to that e-mail or the use of “contact” information included therein…
- Carefully scan the e-mail address of the sender, it could be strikingly similar, but different enough to scam you…
- Create the requirement for multiple approvals for any such monetary transfers…
- Limit employee information online and through social media, as it is often used to help set the case up…
- Learn more and instruct staff more completely regarding such scams…
Bottom line…be careful…and don’t fall for the need to ask “how high” when a high ranking authority commands you to “jump” regarding money transfers by way of e-mail.