back to article Fake CEOs pilfer $2.3bn from US biz pockets in three years – Feds

Scammers have bilked American companies out of $2.3bn from 17,642 victims since 2013, the FBI has warned, and the problem is going to get worse before it gets better. Basically, the hustle works like this: miscreants pretending to be top bosses send emails to employees, particularly those handling sensitive financial …

  1. Anonymous Coward
    Anonymous Coward

    The "urgent transfer" request sent to the CFO trick?

    Yup, got a few of those and made reports to law enforcement, FWIW.

    Mails were coming from a typosquatting domain name registered at GoDaddy (useful to start a UDRP request if the company lawyer has spare time). They were even using the company logo (though the one valid before the latest rebranding) and addressing the CFO by first name. Nice.

    The problem was that the request for urgent payment into some panamian outfit was for a product that it makes no sense for our company to handle and the attached bill looked like it was coming from the printshop annex of the local shrimp&noodles stall.

    IIt all looked all a bit fishy.

    Might make sense if the CEO is not known to not perform not entirely reputable deals, so it might pass in some contexts.

    1. Anonymous Coward
      Anonymous Coward

      Re: The "urgent transfer" request sent to the CFO trick?

      I've heard the dodgyness is intentional to filter out non-gullible people.

      For example re-compressing the company logo with jpeg artefacts. Nice.

      1. Michael Wojcik Silver badge

        Re: The "urgent transfer" request sent to the CFO trick?

        I've heard the dodgyness is intentional to filter out non-gullible people.

        That's from a 2012 Cormac Herley paper, "Why do Nigerian Scammers Say They are from Nigeria?". Herley works for Microsoft Research and does a lot of work on the economics of security, particularly behavioral economics, and why what look like irrational choices by victims and attackers are often economically justifiable (for them).

        In that paper he shows that phishing is a binary classification problem, and it performs much better if the attack has enough implausible elements to weed out the less-susceptible targets.

        Herley's work is well worth reading, particularly for people who think of IT security as simply a technological matter, or an issue of training users.

        1. Anonymous Coward
          Anonymous Coward

          Re: The "urgent transfer" request sent to the CFO trick?

          Especially since the crook has to respond to and string the victim along, requiring time and effort on their part.

          Thin the herd at the front end, so you're only dealing with the abysmally stupid.

          An ad in USA Today might serve the same purpose, if you want to add the unconnected idiots to the pool.

    2. tmTM

      All down to the people in charge ultimatley

      If they operate the friendly "ask me if you have an issue", "no question is stupid" type of business then these would get flagged up, employee's would double check (just a simple phone call) before sending large amounts of money over-seas.

      If they're the kind of angry, pent-up moron who barks orders and expects people to fall in line then it's obvious this kind of scam will easily operate.

    3. Vic

      Re: The "urgent transfer" request sent to the CFO trick?

      Mails were coming from a typosquatting domain

      My email client has the ability to colour emails based upon various criteria - including the domain from which the mail comes. Typo-squatter emails don't get coloured...

      Vic.

  2. x 7

    anyone who pays monies at the behest of the CEO alone is an idiot.

    The request should ALSO be approved by the CFO at least

    1. Evil Auditor
      Devil

      I agree. Simply send the sham request to the CFO. Done.

  3. a_yank_lurker Silver badge

    Internal Controls

    It seems like many of the scammers are trying to hit an amount that is in the sweet spot; enough to make the scam worthwhile but not enough to require running the approvals up the chain. Fake invoices and the like probably have going for decades but not always spotted or reported.

  4. Winkypop Silver badge
    Joke

    Fake CEO's ?

    What is the world coming to?

    But all those Nigerian Princes, they're legit, right?

    1. Anonymous Coward
      Anonymous Coward

      Re: Fake CEO's ?

      "But all those Nigerian Princes, they're legit, right?"

      Well, mine is.

      Discretion has been called for and promised, but suffice it to say that when my small investment put up as a gesture of good will and some minor niggling sums used to grease some corrupt palms pays off : Salma Hayek, Trophy Wife, nod,nod, wink, wink.

  5. Shoot Them Later
    Coat

    Fraudulent CEOs

    There was me thinking that CEO fraud was what happend when the CEO drove the company into the ground by pursuing short term stock price gains so that they can walk away from the flaming crash with all their share options nicely vested.

    Learn something new every day.

    [Icon: in your coat, stealing your wallet]

  6. Tuesday Is Soylent Green Day

    That's why every company needs to update their CEO regularly

    If they wish to remain completely secure, removing the CEO entirely is an even better solution.

  7. Robert Carnegie Silver badge

    Think twice

    if you are asked to provide "a wire fraud transfer", it may not be an authentic request.

  8. The Godfather
    FAIL

    Stupidity...

    Fascinated that businesses should leave themselves open to such fraud. I'll wager many of them have anti fraud processes but fail to follow them or update them. It really is a simple case of implementing a risk policy, keeping everyone in an organisation aware of it, constantly updating it and above all, ensuring everyone follows it.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022