
The CEO Scam: A Sophisticated Variation of The Nigerian Scam Comes to Quebec!


Clearly, the audacity of scammers knows no bounds. In this article, we will address a new form of Nigerian scam, this time involving company bosses and SMEs in Quebec. While the fraud’s setup is the same, the sums involved point to greater refinement and even more sophisticated methods. A few clues to watch out for…

The CEO scam

Also known as the “Fake President” scam, this fraud is based on “spear phishing,” as opposed to “phishing”—two forms of Nigerian scams.

Whereas phishing casts a wide net over many “fish” in the hope of catching a few, “spear phishing” aims at a small number of specific targets who could yield large sums. The first victims were in Europe, where millions of euros were stolen from prestigious firms such as Michelin and Porsche, but also KPMG.

In Quebec, the Sûreté du Québec sounded the alarm in November 2014, but the first cases can be traced back to summer 2014. The intended victims were SMEs.

Social engineering

The CEO scam uses social engineering techniques, which are nothing new. A parallel can be made with the Grandparents Scam, one of many frauds that use such techniques.

The idea is to collect key information on a business and its managers in order to take over an identity and commit fraud. This scam requires in-depth research on the business. There is no shortage of information sources, especially on social networks. In fact, one scammer used information from a Facebook page highlighting certain employees’ contribution to an annual blood drive to “personalize” an initial fraudulent email. Once a credible scenario was established, an email was sent to an employee with access to cash flows. The scammer used the company CEO’s identity to request a large wire transfer to a foreign bank account.

Europe has also witnessed a scam involving false international wire transfer orders. When the employee answers an initial scam email, the scammer obtains an official email containing the company’s logos and signatures, which can then be copied to authorize fraudulent transactions with banks.

Some scammers even call the targeted employee to confirm the transaction. Clearly, these scammers carefully plan out their attacks and are very well organized. The wired funds then make their way to China, before being redistributed to members of the network across Europe. These sums are difficult to recover.

Fortunately, several clues can help identify a scam email and prevent fraud.

Fraudulent emails often contain the following:

  • Poor English and flawed sentence structure;
  • Suspicious email domains for an established business with a physical presence (such as Gmail or Hotmail); and
  • Foreign-based servers hosting the domain address.

But above all, they have one hallmark in common: a request for financial information, camouflaged by emotional entreaties such as flattery, in order to divert the employee’s attention away from the nature of the request. SMEs must remain extremely vigilant, given that such scams have succeeded in the past and no one is safe from them.
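As an added illustration (not part of the original article), the following Python sketch shows how a mail filter could score a message against two of the clues above: a free webmail sender using an executive's name, and a financial request wrapped in flattery or secrecy. The company domain, executive name, keyword lists and sample message are all hypothetical and constructed for the example.

```python
from email import message_from_string
from email.utils import parseaddr
import re

# Assumptions for this sketch (not from the article): the company domain,
# the executive names and the keyword lists are hypothetical placeholders.
COMPANY_DOMAIN = "example-sme.test"
EXECUTIVES = {"marie tremblay"}
FREE_WEBMAIL = {"gmail.com", "hotmail.com", "outlook.com", "yahoo.com"}
MONEY_RE = re.compile(r"wire transfer|bank account|iban|swift", re.I)
FLATTERY_RE = re.compile(r"i trust you|count on you|confidential|discreet", re.I)

def ceo_scam_flags(raw_message):
    """Return the warning signs found in one RFC 5322 message."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    from_domain = addr.rpartition("@")[2].lower()
    # Only plain-text, single-part bodies are inspected in this sketch.
    body = "" if msg.is_multipart() else msg.get_payload()
    flags = []
    # Clue: an established business writing from Gmail, Hotmail, etc.
    if from_domain in FREE_WEBMAIL:
        flags.append("free-webmail-sender")
    # Clue: the CEO's name is used, but the mail comes from outside.
    if name.lower() in EXECUTIVES and from_domain != COMPANY_DOMAIN:
        flags.append("executive-name-external-domain")
    # Hallmark: a financial request, camouflaged by emotional entreaties.
    if MONEY_RE.search(body):
        flags.append("financial-request")
        if FLATTERY_RE.search(body):
            flags.append("emotional-pressure")
    return flags

# Constructed sample message, for illustration only.
SAMPLE = """\
From: Marie Tremblay <m.tremblay.ceo@gmail.com>
To: accounting@example-sme.test
Subject: Urgent and confidential

I trust you completely with this. Please prepare a wire transfer of
48,000 EUR to the bank account below today and keep it discreet.
"""

if __name__ == "__main__":
    print(ceo_scam_flags(SAMPLE))
```

A message that raises several flags at once is a candidate for out-of-band confirmation with the real executive before any transfer is made.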

Prevention remains the simplest way to guard against the CEO scam. Consequently, it is important to be familiar with and able to identify it.
