Junk e-mails and scams have become so commonplace that we often forget about how dangerous they can truly be. One unidentified American company recently learned the dangers of underestimating scams the hard way – to the cost of almost $100 million dollars.
The company fell victim to a kind of scam known as “CEO email fraud,” where the hackers do intensive research on a company and its employees before crafting their phishing emails. Once they have this information, they are able to draft emails asking for wire transfers, bank account numbers, or other sensitive information.
These e-mails can be virtually indistinguishable from e-mails that you would receive from your colleagues if you don’t know what to look for, as they may appear to be from a legitimate sender and make use of company logos. Always check links by hovering over them before you click them, and never send sensitive information through e-mail unless you have confirmed with the individual requesting it through a different method of communication.
What makes this scam worse is that the company was actually unaware of the fraud until banks identified a series of suspicious transfers. Through a great deal of work, the company has been able to recover almost 74 million of their losses, but 25 million still remains scattered after being laundered through accounts across the world.
While this case has been labelled the largest case of business email compromise to have occurred, it definitely isn’t unique. The FBI has stated that over the last three years alone, businesses in the United States have lost almost 2.5 billion dollars due to scams that follow this kind of CEO email fraud strategy.
Unfortunately, not only large businesses are targeted by these scams. While the pay-offs may be bigger, it is often easier for scammers to target smaller businesses that may not have the same kind of threat awareness or security measures in place.
Furthermore, most businesses never really consider this kind of security until after they’ve already had a negative experience with a scammer – which can be annoying at best, but devastating at its worst.
In order to ensure that your business is protected from scams like CEO email fraud or other forms of phishing, it’s a great idea to work with your information technology professional. They will be able to help you set up a strategy for maintaining safe e-mail and online work practices and keep you aware of any new threats in your industry. It may not seem important initially, but if a little bit of preparation can save you from a $100 million dollar theft, it’s definitely worth the investment.
