Have you been a victim of CEO Fraud?
Have you been a victim of CEO fraud? Are you aware that one of the first things hackers try is to see if they can spoof the email address of your CEO? If they are able to commit "CEO Fraud", penetrating your network is like taking candy from a baby. What a hacker is doing is they attempt to spoof the email of the CEO of your organization, send a message to your CFO (or whomever is in charge of your accounting) and attempt to have money wired - to their account!
The folks at knowbe4.com recently had a blog post about this trend: https://blog.knowbe4.com/wow-the-bad-guys-are-moving-fast-with-ceo-fraud
Here is an excerpt from the article that is staggering:
No industry is immune to this type of scam. Recent figures reported by the FBI show that in the past 3 years, a staggering 14,032 victims in the US have lost a total of $960 million to cybercriminals due to what they call Business E-mail Compromise. That is a 1,300% increase in reported instances since January 2015!
If those numbers aren't enough to convince you, take a look at some recent news not just in the US but around the world. In January, aerospace company FACC lost around €50 million due to what they call the "Fake President Incident”, their CEO and CFO were fired as a result. A still undisclosed American company lost nearly $100 million due to CEO fraud in April and has since recovered about 75% of that, leaving the total loss around $25 million. As you may guess this doesn't look good so companies try to keep these instances out of the mainstream news as much as possible.
It is not just small companies that need to stay vigilant, companies of all sizes are targeted on a regular basis. All types of employees run the risk of being victims of social engineering which is only the beginning. Hackers are spending more and more time researching employees and companies before they attack in hopes that they will get what they're after.
What can you do to protect yourself?
- Train, train, educate, educate. Teach and train your staff, at ALL levels!
- Employ technologies to mitigate risks. These include:
- Intrusion Detection and Prevention Systems - these inspect all inbound and outbound network traffic and compare it against known signatures and anomalies, and block attempts and attacks. They are constantly updating their database.
- Content Filtering Systems - these systems inspect all of your users web behavior, both inside the network and on corporate devices (laptops) that leave the network. They block sites based on categories you choose, as well as known phishing, malware and virus laden sites. They are constantly updating their database.
- Email Spam and Antivirus Systems - these systems inspect all inbound and outbound email to help block spam, phishing and virus messages.
- File Integrity Monitoring - these systems inspect all of the use files, objects, users, etc. on your Windows network and provide alerting and reporting on behavior. This allows you to spot anomalies and odd behavior, such as someone's account being given administrative privileges - which can be an indication of a hack and/or compromise.
- Security Event Monitoring - these systems inspect all of the thousands (and millions) of events on all network systems (Switches, Firewalls, Wireless, and Servers) and correlate them, categorize and alert based on specific rules.
- Be vigilant about keeping software systems up to date, purchasing systems from reputable companies and ensuring that these organizations have systems and processes in place for updating and securing their software.
- Ensure you have systems in place to evaluate your vendors, especially those with the ability to access your IT systems. These should include obtaining assurances of their policies and procedures, adherence to best practices, as well as the means by which they connect and how often.
It's a scary world out there, and unfortunately the balance of being practical and vigilant is not balanced. Security is by no means efficient or convenient, but the "bad guys" are always working tobe one step ahead.