Be Wary About CEO Phishing Attacks

CEO Phishing Attacks is not the most sophisticated method but it is still one that needs to be watched due to the damage it can bring.

We want to raise awareness of the increase in sophisticated Phishing Emails designed to look like it is from a legitimate source. As our clients ask us “What is CEO Phishing Attacks”.  Our answer is better in the form of a blog post to raise awareness for all.

What is CEO Phishing Attacks?

CEO Phishing attacks often occur when a hacker infiltrates a companies Email system, gaining knowledge about the style of writing, personality type, and any factual information that can increase credibility.

Once the hackers feel they have enough information then they request money transfers.

Usually making it sound like a legitimate business deal through phishing and social engineering.

We have known an Email system to be infiltrated months beforehand and dig out old invoices that were sent to their clients.

They then proceed to recreate an invoice looking legitimate just changing the bank account receiving the funds.

The wire transfer is often transferred again to a foreign bank account, this makes it very difficult to trace and often leads to a loss.

Why are we talking about this?

Just recently we were called in to inspect the network of a new client, they had unfortunately been the victim of a phishing scam.

After analysis, it turned out they had Malware on their machines sending data back to a server located in China (identified by the IP address).

When we looked into what had happened an employee had received a document, and when they tried to open it nothing happened instead of raising the alarm they carried on with their day.

We found a copy of the Email received and it was dated 16th July 2018, so they had access for a ridiculous amount of time before they lost enough money to raise the alarm. Why did it take so long?

The hackers were clever and what they were doing was intercepting traffic, on a daily basis to learn about how they dealt with their invoices, and when some of their clients owed money or was in the middle of a quote the hackers sent invoices for reasonable amounts, this was cleverly in the name of our client but with different bank details.

The amounts were not enough to raise an alarm over a nine-month period they were able to extract £64,730 out of our new client’s customers.

This is a nightmare for any company to deal with and can result in loss of trust, hefty debt to plug, and can result in going out of business.

Educating your staff is the best defence

Although Cyber Criminals may be going after the CEO it is important that all staff be educated. Usually, it is the lower-level staff that is fooled into believing they are communicating with the CEO.

We need to provide awareness to the staff by just educating them enough to double-check with a quick phone call if funds are requested to be transferred.

Other forms of defence

Keep your software regularly patched, make sure that you have adequate Security as hackers do not just attempt phishing attacks and they also will attempt to infect your systems with Malware.

Once infected they can see details of activities you do on your systems, access to business-critical files, and risk data leaks and enough information to either cause serious damage.

This could permanently damage your business or become experts at phishing your employees to put them at risk too.

An Antivirus or Firewalls will not be enough to defend against phishing attacks, we have to keep an eye on systems, run regular checks and keep on providing security awareness to ALL employees.