Sharp rise in CEO fraud email scams hitting businesses
Warning to businesses to beware scam emails from fraudsters posing as CEOs.
CEO fraud is on the rise, according to a report from the City of London Police’s National Fraud Intelligence Bureau.
The scam, which involves fraudsters tricking staff into handing over large sums of money, was the subject of 964 reports to Action Fraud and responsible for losses of a whopping £32 million between July 2015 and January 2016.
How the scam works
Scammers usually initiate the scam by sending an email to a staff member in a firm’s finance department pretending to be a company director or CEO.
The email will typically instruct the worker to quickly transfer money into a bank account. This communication will look genuine, but may have tell-tale signs like a gmail.com or yahoo.com suffix to the email address.
Staff that fall for the scam and make the transfer will find the money disappears. Money that hits a fraudster’s account is dispersed into other ‘mule’ accounts and the original closed down to make sure the money is untraceable.
Action Fraud says that of the £32 million reported to have been lost by businesses in the last six months as a result of this scam, just £1 million has been recovered by victims.
Big losses
Typically, the average amount a fraudster gets by posing as a CEO or another senior member of staff is £35,000.
The largest amount reported to have been handed over to a fraudster by a member of staff was £18.5 million. The company which was hit is a producer of healthcare products and has offices around the world.
In July a man posing as a senior staff member contacted a Financial Controller based in one of the company’s Scottish offices and asked them to transfer money to accounts in Hong Kong, China and Tunisia.
The Financial Controller believed the man to be a senior member of staff, exchanging several calls and emails with him before transferring the £18.5 million across three foreign bank accounts.
Find a new 0% credit card today
Targets
Limited companies tend to be the most targeted by CEO fraud, with 52% of reports coming from this type of business.
One in five cases revolve around businesses based in London.
How to guard against attacks
Action Fraud advises businesses to ensure all staff, not just those in finance teams, know about the dangers of this type of fraud.
It also recommends putting a system in place to allow staff to be able to properly verify contact from their CEO or company directors, like having two points of contact to check instructions are legitimate.
Staff should also review financial transactions to check for inconsistencies and errors like a misspelt company name, which will help to spot fraud sooner and increase the likelihood of getting the money back.
It’s also good practice to ensure computer systems are secure, antivirus software is up to date, and that businesses take care to limit sensitive company information that is publicly available.
To report a fraud and receive a police crime reference number, call Action Fraud on 0300 123 2040.
Don’t miss these:
Hackers hijacking self-assessment online tax returns to claim bogus refunds
WhatsApp scam: messages from your 'friends' that try to take over your phone
The world's worst passwords 2015: which are the most dangerous?
Comments
Be the first to comment
Do you want to comment on this article? You need to be signed in for this feature