Contact
More about DataExpert

The not so friendly forward

“Can you transfer $100,000 quickly?” Kind regards, CEO. This is an example of a request that could concern CEO fraud. CEO fraud is a much discussed and persistent phenomenon. Certainly with the arrival of the coronavirus and working remotely, this form of crime has increased (source: RTL Nieuws). Some examples of victims of this form of cyber crime are Pathé and Wehkamp, and new cases keep popping up. So it happens regularly and costs a lot of money for both businesses and private individuals. Many cases of CEO fraud involve phishing mails sent in the name of the CEO, but there are also other, lesser-known forms.

Forward
One such form is possible when a cyber criminal has managed to gain access to a company employee’s mailbox. This can be done, for example, by cunningly retrieving the login details of the mail environment from the recipient who just happened to click the wrong link. Once inside, the cyber criminal places a so-called ‘forward’ line. This means that a cyber criminal adds an extra line to the mail settings. This line ensures, for example, that all incoming mails from the user are forwarded to the cyber crook. The user will not notice this at all. The cyber criminal can then read the e-mail unnoticed and wait quietly to see something of his liking. Think for example of an invoice with a plausible amount that could be adjusted, or e-mails surrounding the internal company culture. Does a good opportunity arise? Then this is the time for him/her to enact out his/her plans. In other words, to secretly communicate with others without realising that in this case, the sender/receiver is not the actual person behind the e-mail address. Another action could be to manipulate payments where money is transferred to a modified account.

Tip
The above situations can be prevented by applying Multi Factor Authentication. Implementation is not always easy, but it is certainly worth exploring the possibilities. An interim solution is to take measures such as making it impossible to set lines via webmail and blocking forwarding to external e-mail addresses. It is also important to be alert to e-mails calling for action. Even if these seem to come from a colleague. One of the ways to recognise CEO fraud is by the emphasis placed on confidentiality in the e-mail, by the fact that the call is labelled as very important or by a certain pressure (e.g. time pressure).

Want to learn more about this or other forms of cyber crime and how to prevent it? Please contact us.