The Biggest Tricks in CEO Cheating | Total Security

CEO fraud is a type of spear phishing in which a hacker impersonates a manager via email and induces a victim to conduct a transaction, typically a financial one. It is a form of business email compromise and one of the most expensive email attacks: in 2019 it cost US companies $1.7 billion. Prevent it with Total Security to stop any big issue before it starts.




CEO fraud can range from gift card scams to wire transfer scams, with millions of dollars being poured into a hacker's bank account, often long before the company realizes something has gone wrong. To increase their chances of success, hackers employ several tactics, some of which are technical in nature, but most of which involve psychological manipulation.



Gift card fraud is one of the easiest attacks to perform and one of the most difficult to track down. This makes it one of the most widespread spear-phishing attacks, and it offers an instant payout.


A hacker masquerading as the CEO will typically claim he's in a meeting and urgently needs to purchase gift certificates for a customer. Often the hacker claims that the gift cards are a surprise for the employees and thus gets the victim to keep the request secret. In the eyes of the victim, failure to follow the request could leave the CEO embarrassed and disappointed. This creates a lot of pressure on the victim.


The most successful business email compromise attacks are characterized by carefully crafted spear-phishing emails. But what makes them really successful is the identity and influence of the alleged sender. The average user might think twice about buying gift cards for Paul from accounting, but if the request comes from the manager himself, the chances are he'll respond, and faster than usual.


Many CEO fraud victims have had little to no prior contact with the CEO. It is easy to blame victims in these cases and say they should have been more careful. In reality, the victim is more vulnerable to the scam because the email catches the victim off guard. If the financial inquiry is the first-ever communication between the victim and the manager, the victim not only feels the pressure but also the desire to please the boss.


Pretexting and Social Engineering

Many victims are not used to communicating with the manager. They're unfamiliar with their boss's communication style and habits: they don't know what the CEO would actually say or do. The real CEO might never engage in such a conversation or make such a request, but the victim doesn't know that, and this gives the hacker an edge.


Communication between hacker and victim begins with pretexting. It's a common tactic in social engineering and prepares the victim for the request. This tactic also allows the hacker to set expectations (don't tell anyone about it, it's a surprise) and to gather additional information from the victim's replies that could help the attack succeed.


In some CEO fraud cases, a hacker will send the victim multiple emails before making the final request, then check the victim's progress, make sure no one else is aware of the transaction, and apply further pressure until the transaction is completed.


Emails From Mobile Devices

CEOs are busy people. It is not uncommon to get an email from a boss who is not in the office but at an event, visiting a customer, or even abroad. Sending spear-phishing emails through a mobile device helps the hacker create the impression that the CEO is not in his office. This gives the hacker several advantages.


First, it helps him create the illusion that the CEO is in an atypical environment, may not have his laptop with him, and needs help. Second, it gives the hacker leeway to make mistakes: grammatical errors and misspellings are common and (to some extent) forgivable in emails sent from mobile devices.


Finally, it makes it more likely that a fake email address goes unnoticed. If the hacker forges the CEO's name but not the company domain, the victim may assume that the CEO made a mistake and sent the email from a personal account.


Deep Fakes

Deep fakes are relatively new to business email compromise and have proven to be both highly effective and extremely costly. There are a variety of tools on the market based on artificial intelligence that can be used by hackers to mimic the voice of the business executive.


According to The Wall Street Journal, the CEO of a British energy company received a call from the head of the German parent company in 2019, only it wasn't his boss at all. It was a hacker who used deep fake software to imitate the voice of the managing director in Germany and demanded a transfer to a supplier. The result was a payment of $243,000 to the hacker, who soon called back and asked for more, which made the CEO suspicious.


Deep fake software is abundant, effective, and cheap, and companies have no way to verify the authenticity of voices. According to Computer Weekly, 77 percent of cybersecurity decision-makers are concerned about deep fakes, but only 28 percent have a defense plan.


Prevent CEO Fraud

Anti-spear phishing technology has come a long way, but the psychological nature of CEO fraud requires a combination of preventative measures:


User Education: Train your users to recognize the different types of business email compromise and social engineering techniques. Go beyond regular training and provide on-the-fly training at the moment users open or reply to malicious emails.


Validation Process: Implement a process to validate financial transaction requests, for example confirmation in person or by phone after receiving an email request.


Technology: Choose an anti-spear-phishing solution that goes beyond DMARC and traditional detection. It should be able to identify difficult-to-detect spoofing techniques that bypass DMARC, including cousin domains and display name spoofing.


Whether they come across as spear phishing, CEO scam, or business email compromise, all targeted email attacks have similar characteristics, behaviors, and even language. This is exactly where artificial intelligence (AI) excels when it comes to detection.


When searching for anomalies in email traffic and for malicious behavior in emails, AI algorithms can detect what static solutions or those based on fingerprints miss. Our Total Security uses two machine learning techniques to detect spear phishing and CEO fraud:


1. Anomaly Detection: Identifies outliers or behaviors that are unusual in a data set, in this case an organization's email traffic. It learns over time what the typical sender/receiver behavior in the organization is and identifies anomalies, including cousin domains and display name spoofing.

2. Natural Language Processing: Recognizes the common words and phrases used in CEO scams and spear phishing, especially language that indicates urgency or relates to financial transactions.
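As an added illustration (not code from the original page or from the Total Security product), the following Python script applies the two ideas above to constructed messages: header checks for display name spoofing and cousin domains, and a simple keyword pass for urgency and financial language. The organisation domain, the executive list and the sample emails are all assumed.

```python
import re
from email.utils import parseaddr

# Assumed organisation data (constructed for this example).
ORG_DOMAIN = "example.com"
EXECUTIVES = {"jane doe": "jane.doe@example.com"}

# Phrases typical of CEO-fraud requests: urgency/secrecy and financial transactions.
URGENCY = ("urgent", "asap", "right away", "in a meeting", "keep this", "confidential")
FINANCE = ("gift card", "wire transfer", "payment", "invoice", "bank details")


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; small values against ORG_DOMAIN indicate a cousin domain."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def analyze(from_header: str, body: str) -> dict:
    """Return the warning signals found in one message (a defender's triage view)."""
    name, addr = parseaddr(from_header)
    domain = addr.rsplit("@", 1)[-1].lower()
    internal = domain == ORG_DOMAIN or domain.endswith("." + ORG_DOMAIN)
    signals = []
    expected = EXECUTIVES.get(name.strip().lower())
    if expected and addr.lower() != expected:
        signals.append("display-name spoofing")   # executive's name, foreign address
    if not internal and edit_distance(domain, ORG_DOMAIN) <= 2:
        signals.append("cousin domain")           # e.g. examp1e.com vs example.com
    text = re.sub(r"\s+", " ", body.lower())
    if any(p in text for p in URGENCY):
        signals.append("urgency language")
    if any(p in text for p in FINANCE):
        signals.append("financial request")
    # Two or more signals together warrant a warning banner rather than a block.
    return {"from": addr, "signals": signals, "warn": len(signals) >= 2}


# Constructed sample messages: a cousin-domain gift card scam and a legitimate note.
SAMPLES = [
    ('"Jane Doe" <jane.doe@examp1e.com>',
     "I'm in a meeting and need you to buy gift cards ASAP. Keep this between us."),
    ('"Jane Doe" <jane.doe@example.com>',
     "Reminder: the quarterly all-hands is Thursday at 10."),
]

if __name__ == "__main__":
    for header, body in SAMPLES:
        print(analyze(header, body))
```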

Protegent360 warns users of possible spear-phishing attempts with a warning banner that is displayed when the suspicious email is opened. This gives the user time to consider warning signs he might otherwise have overlooked. Additionally, if an email contains anomalies but is legitimate, it is not misclassified and blocked, which ensures that critical corporate communications are still delivered.
