Eric Howes, KnowBe4 Principal Lab Researcher, observed:
"Here is a screenshot of a phishing email that came in Friday. In it the bad guys attempt to apply the same modus operandi currently being used to hijack victims' paychecks to go after their retirement savings.
In this phish the bad guys are spoofing the President and CEO of the company. The recipient is the company's Benefits Manager.
I suspect the bad guys will find this confidence scam doesn't work in nearly as straightforward a fashion as the paycheck-hijack scheme. But even when these kinds of phishing attacks don't succeed, they still offer an opportunity for malicious actors to gather intelligence, learn from the unwitting employees with whom they communicate, and refine their approach.
It took the bad guys a few months to develop a viable social engineering scheme for snatching employees' paychecks. But they have it down now, and "direct deposit" phishes are a standard component of the daily mix of malicious emails reported to us with the PAB -- right up there with other forms of CEO fraud, including iTunes gift card phishes, wire fraud phishes, and W-2 phishes.
So, this is just the beginning. Unfortunately, some folks will likely see their retirement accounts cleaned out before their organizations finally start to take the threat of CEO fraud phishing seriously."