When the CEO talks, employees listen. Knowing this, bad actors impersonate C-suite executives in “CEO fraud” spear phishing emails that, if successful, can provide them with access to sensitive company data and systems, or convince the recipient to send money to their accounts.

Any money sent to these scammers gets quickly laundered and dispersed, often becoming unrecoverable. Data, on the other hand, may surface on the dark web, for sale to the highest bidder.

CEO fraud – also known as CEO spear phishing, executive fraud, whaling, and other names – can be a particularly devastating type of attack, as some organizations have already discovered. With the right knowledge and CEO fraud protection tools, however, your business can avoid becoming a victim.

Read on to find out more about CEO fraud and spear phishing in general, including stories about some of the biggest attacks to date. In this post you’ll learn:

  • How some enterprises have fallen for CEO fraud, and the associated costs;
  • How AI is likely to up the ante, increasing CEO fraud and spear phishing attacks;
  • How to spot a phony email from your CEO, CFO, or other business leader; and
  • How to protect your enterprise from becoming the next CEO fraud victim.

Aw, Snap! Some (in)famous CEO fraud incidents

One of the first, and to date the most widely known, CEO fraud attacks hit the disappearing-photos app Snapchat in 2016. By impersonating Snapchat CEO Evan Spiegel, cyber thieves convinced a human resources staffer to send employee payroll information – data that later surfaced on the dark web.

Other companies have been hit in the bank account, some of them hard. An unnamed real estate company in Paris sent nearly 38 million euros to “lawyers” for a widely known French accounting company in late 2021. Europol arrested members of an international network spanning several countries and with bank accounts around the world but recovered only a fraction of the money.

CEO fraud is only one very specific type of business email compromise (BEC), also known as spear phishing. Spear phishing is itself a subset of phishing, a broader type of email crime.

  • In phishing, criminals send out phony emails to a wide range of recipients in the hope that some will click on a phony link or document and install malware on their computer. If it’s a business computer, the bad actors could get access to the company’s entire system, download records, and install ransomware.
  • In spear phishing, criminals send hand-crafted, tailored emails to a narrow list of people whom they’ve researched and targeted for a specific purpose.

AI Raises the Threat

BEC has netted cybercriminals some $3 billion each of the last three years in the U.S. alone, according to Internal Revenue Service (IRS) figures. Companies filed nearly 21,500 phishing reports with the agency in 2023, making it by far the most frequently reported type of cyberattack.

Globally, CEO fraud incidents are said to have skyrocketed – rising 131% – during the COVID-19 pandemic, when most employees worked from home.

CEO fraud works, as we’ve seen. So does spear phishing in general. Worldwide, spear phishing campaigns reportedly result in 66% of all breaches.

But for cybercriminals, CEO fraud and spear phishing have a downside: they require much research and effort to target the right victims. AI will likely make these tasks a lot easier as it enables cybercriminals to create more credible spear phishing campaigns by analyzing publicly available data, mimicking communication language and style, and tailoring messages to each victim.


How Not to Be a CEO Fraud Victim

“Never trust, always verify” is the best rule of thumb when receiving an email from anyone asking for sensitive information or money or sending links or documents that you don’t expect.

An “urgent” request merits particular caution. When adrenaline rises, your rational mind can be overridden by emotions, causing you to make decisions before you’ve thought the situation through.

If you receive an email from your CEO or any executive asking for anything, take these precautions:

  • Check the sender’s address. Look carefully: a single stray character or missing letter may be the only indicator that something is wrong.
  • Even if everything looks good, call the executive or someone in their office to double-check the request. Don’t ask them to call you: AI makes spoofing someone’s voice increasingly easy to do.
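The sender-address check above can be automated. The following is an added example written for this post, not Hornetsecurity’s ATP code: it parses the From and Reply-To headers of a message, flags a display name that matches a known executive but carries a different address, folds common lookalike characters (such as a digit 1 for the letter l) before comparing the domain to the company’s own, and reports a Reply-To that points somewhere other than the From domain. The company domain, the executive directory and the sample headers are all constructed for the example.

```python
from email.parser import HeaderParser
from email.utils import parseaddr

# Constructed for this example: the organisation's own mail domain and a
# small directory of executives with their real addresses.
COMPANY_DOMAIN = "example.com"
EXECUTIVES = {
    "jane doe": "jane.doe@example.com",
    "john roe": "john.roe@example.com",
}

# Character substitutions that let a lookalike domain pass a quick glance.
# They are undone before the domain is compared with the company's.
HOMOGLYPH_PAIRS = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s")]


def normalize_domain(domain: str) -> str:
    d = domain.lower().strip()
    for lookalike, real in HOMOGLYPH_PAIRS:
        d = d.replace(lookalike, real)
    return d


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance via the classic dynamic-programming table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def normalize_name(name: str) -> str:
    """Lower-case the display name and keep only letters, so that
    'Jane Doe (CEO)' and 'JANE DOE' compare as the same person."""
    letters_only = "".join(ch if ch.isalpha() or ch.isspace() else " " for ch in name.lower())
    return " ".join(letters_only.split())


def analyze_headers(raw_headers: str) -> list:
    """Return a list of human-readable findings; an empty list means no
    impersonation indicator was found in the headers."""
    msg = HeaderParser().parsestr(raw_headers)
    name, addr = parseaddr(msg.get("From", ""))
    if "@" not in addr:
        return ["unparseable From address"]
    domain = addr.rpartition("@")[2].lower()
    findings = []

    # Contextual signal: exact-domain comparison only (subdomains of the
    # company domain would count as external in this simplified check).
    is_external = domain != COMPANY_DOMAIN

    # Lookalike test: not our domain, but identical once homoglyphs are
    # folded, or one typo away from the real thing.
    if is_external and (
        normalize_domain(domain) == normalize_domain(COMPANY_DOMAIN)
        or edit_distance(domain, COMPANY_DOMAIN) <= 1
    ):
        findings.append(f"lookalike domain: {domain}")

    # Display-name impersonation: the name belongs to an executive but the
    # address is not the one in the directory.
    norm_name = normalize_name(name)
    for exec_name, real_addr in EXECUTIVES.items():
        if f" {exec_name} " in f" {norm_name} " and addr.lower() != real_addr:
            origin = "external" if is_external else "internal"
            findings.append(
                f"display name '{name}' matches executive but address is {addr} ({origin} sender)"
            )

    # Reply-To pointing at a different domain than From is a common way to
    # divert the conversation even when the From address itself is genuine.
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    if reply_addr:
        reply_domain = reply_addr.rpartition("@")[2].lower()
        if reply_domain != domain:
            findings.append(f"Reply-To domain {reply_domain} differs from From domain {domain}")
    return findings


# Constructed sample headers (not real messages).
SAMPLE_LEGIT = "From: Jane Doe <jane.doe@example.com>\nSubject: Q3 numbers\n\n"
SAMPLE_LOOKALIKE = "From: Jane Doe <jane.doe@examp1e.com>\nSubject: Urgent wire\n\n"
SAMPLE_EXTERNAL = 'From: "Jane Doe (CEO)" <ceo.janedoe@example.org>\nSubject: Quick task\n\n'
SAMPLE_REPLYTO = "From: Jane Doe <jane.doe@example.com>\nReply-To: jane.doe@example.net\n\n"

if __name__ == "__main__":
    for label, sample in [("legit", SAMPLE_LEGIT), ("lookalike", SAMPLE_LOOKALIKE),
                          ("external", SAMPLE_EXTERNAL), ("reply-to", SAMPLE_REPLYTO)]:
        print(label, "->", analyze_headers(sample) or "no findings")
```

A gateway filter would run this kind of check before delivery and route anything with findings to quarantine or add a visible banner; the directory of executives and their addresses is the piece that must be kept current for the display-name check to mean anything.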

Even the most security-aware employee can make mistakes, however. To fully protect your organization, you need a sophisticated suite of spear phishing protection tools to vet all emails coming in before your employees see them, as well as to safeguard your systems and data from harm.

Advanced Threat Protection Gives CEO Fraud No Chance

Hornetsecurity’s Advanced Threat Protection (ATP) uses Targeted Fraud Forensics with innovative detection methods to prevent losses from CEO fraud, spear phishing, and phishing in general. Our ATP solution provides:

Fraud attempt analysis

  • Check the authenticity and integrity of metadata and mail content.

Identity spoofing recognition

  • Detect and block forged sender identities.

Intention recognition system

  • Get alerts to content patterns that suggest malicious intent.

Spy-out detection

  • Defend against espionage attacks that aim to obtain sensitive information.

False facts identification

  • Get identity-independent content analysis of news that spots falsified facts.

Targeted attack detection

  • Detect targeted attacks on individuals who are particularly at risk.

Hornetsecurity’s ATP works chiefly with heuristics and some contextual SMTP data (for example, whether the sender is internal or external). It uses NLP to analyze large, multilingual datasets of spear phishing emails and distills the key characteristics of those emails into heuristics that enable progressively faster analysis.

To safeguard your business from CEO fraud and sophisticated phishing attacks, leverage Hornetsecurity’s Advanced Threat Protection. Our ATP solution offers cutting-edge detection and protection, ensuring that your enterprise remains secure from these high-risk threats.

Take the Sting Out of CEO Fraud

CEO fraud and spear phishing aren’t going away. As AI becomes more and more sophisticated, in fact, these types of cyber-attacks will likely become more frequent and effective.

Security awareness can help, but to err is human. Hornetsecurity’s ATP uses machine learning technologies such as NLP, along with other state-of-the-art technologies, to spot and block CEO fraud and spear phishing, beating cybercriminals at their own game. Contact us today to find out how ATP can provide superior CEO fraud protection to your enterprise.


FAQ

What is CEO fraud?

CEO fraud, also known as CEO spear phishing or executive fraud, involves cybercriminals impersonating high-level executives to trick employees into divulging sensitive information or transferring money.

How can AI impact CEO fraud?

AI enhances CEO fraud by enabling cybercriminals to create more convincing phishing campaigns through analysis of public data, mimicking communication styles, and personalizing messages to targets.

How does Hornetsecurity’s Advanced Threat Protection defend against CEO fraud?

Hornetsecurity’s Advanced Threat Protection (ATP) offers comprehensive defense against CEO fraud and spear phishing by using fraud attempt analysis, identity spoofing recognition, and advanced detection methods to block malicious emails and protect sensitive data.