Online impersonation of CEOs on the rise during COVID crisis


Email scammers have impersonated over 7,000 CEOs since the COVID-19 pandemic hit.

The COVID-19 emergency has unleashed another epidemic, namely a sudden rise in the impersonation of CEOs through business email compromise (BEC) attacks. A BEC attack allows a hacker to impersonate a company executive in order to scam the company’s employees, customers or partners.

Cybersecurity firm Proofpoint reports that since March this year it has seen email scammers impersonate more than 7,000 CEOs online. Indeed, more than half of Proofpoint’s customers have had at least one high-level executive impersonated and their email persona used in a scam attempt. 

According to Proofpoint, scammers have impersonated a CEO 102 times during the past three months alone. In addition, the FBI claims that more money was lost this year through BEC attacks than in any other year since the bureau began tracking such crimes.

Indeed, the FBI confirms that in the past year, BEC and EAC (Email Account Compromise) attacks have accounted for more than 50% of all cybercrime losses, a total of $1.77B. The average loss per impersonation incident in 2019 was $74,723.

Proofpoint claims that they are currently blocking 15,000 such scam emails every day.

How it works and how to stay safe

Criminals need to do two things in order to successfully target a business. First, they need to collect as much personal information as possible on the targeted victim and the executive in order to sound convincing. Second, they need to create a sense of urgency so that the victim will not take the time to spot the fraud.

BEC scammers often target payroll or human resources departments. They will often send an email requesting an urgent change to an employee’s direct deposit information. The criminals might also send a “fake” invoice requesting that the accounts payable department pay the amount due immediately.

How can you defend against BEC and EAC attacks? It’s simple: do not accept any direct change request concerning the transfer of funds or accounts solely because of an email you have received. Check first via phone or in person with the personnel or the executive involved. If it has to do with an invoice that requires “urgent” payment, contact the vendor listed on the invoice and track down the original order internally.