CEO fraud: When you change your boss without being aware of it
Email continues to be a fundamental working tool in the day-to-day life of any company and, precisely for this reason, also one of the main means of spreading new cyber-attacks
27 September 2022
Madrid, 27-09-2022.- You’ve probably heard of it. It is a form of phishing in which cybercriminals impersonate the CEO or another senior company official to trick employees and request transfers for a high economic value, always under some excuse of great importance and urgency for the company. In order to make the fraud more credible, it is common for the victims to be studied beforehand (e.g. they take advantage of situations in which the boss is travelling or unavailable).
As with other phishing attacks, cybercriminals use email addresses like the real one, hoping that the victim is unaware of the deception. However, the techniques employed become more sophisticated including the use of compromised real email accounts or the inclusion of malicious links that are difficult to detect by traditional anti-spam filters. The targets are also diversifying, and it is also common to use these attacks to obtain confidential information whose impact goes beyond the merely economic (image damage, sanctions for non-compliance with GDPR…).
“Thanks to Clean Email, our managed cloud service, our customers are protected against threats and attacks that often use corporate email as their primary point of attack and access to information”.
Javier Escribano
Product Manager
Security consequences for affected companies can be devastating. In fact, this technique tops the FBI’s statistics for million-dollar scams with reported losses of 43 billion dolars. Moreover, these figures have been rising steadily, with a 65% increase in the last two years due to the pandemic and the rise of teleworking.
How can we protect ourselves and help our customers fight against it?
Awareness and the use of best practices are important, but not always enough. That’s why Telefónica Global Solutions offers the service Clean Email a cloud-based managed security service that provides advanced corporate email protection. Our effective and flexible solution can address the main threats such as identity theft, fraud, information leakage, etc.
Email continues to be a fundamental working tool in the day-to-day life of any company and, precisely for this reason, also one of the main means of spreading new cyber-attacks. With Clean Email, our managed cloud service, our customers are protected against threats and attacks that often use corporate email as their primary point of attack and access to information.
Javier Escribano
Product Manager