CEO Fraud Attacks are Citing the California Wildfires

CA_WildFireCriminals are using the California wildfires as a social engineering tactic to manipulate people into buying gift cards supposedly intended for victims of the disaster, according to James Linton at Agari. The scammers send emails to employees of organizations posing as their CEO.

These CEO Fraud emails target employees who work in accounting, finance, or administration, and tell their recipients to purchase gift cards worth hundreds of dollars to be sent to clients affected by the fires. The employees are instructed to send photos of the codes on the purchased cards, after which the criminals can use online services to convert them into regular currency.

One of the demoralizing byproducts of large-scale tragedies is the tendency for scammers to exploit people’s charitable intentions. In September, the US Government warned of phishing campaigns that used Hurricane Florence to prop up fraudulent charities. “Relevance and topicality are two of the main tools cybercriminals will leverage to obtain money or information through email deception,” writes Linton.

As CEO Fraud attacks grow in popularity, organizations need to implement policies that will prevent them from succeeding. As an employee, you should always verify that requests from your executives are legitimate before proceeding. This can be done by using another channel to communicate with them, preferably a face-to-face or a phone conversation.

If the request is particularly suspect, contact a separate executive or other superiors before going forward. New-school security awareness training can educate employees on these threats and instill a healthy sense of suspicion and wariness.

The KnowBe4 platform allows you to spoof your own CEO, and monitor the reply emails that your users might send back to this simulated "bad guy" so you can immediately step them through a short remedial training session. Agari has the story:


CEO Fraud Prevention Manual Download

CEO fraud has ruined the careers of many executives and loyal employees. Don’t be next victim. This brand-new manual provides a thorough overview of how executives are compromised, how to prevent such an attack and what to do if you become a victim.

Click Here To Download The Manual

PS: Don't like to click on redirected buttons? Copy and paste this link in your browser:

Find out how affordable new-school security awareness training is for your organization. Get a quote now.

Get A Quote
Request A Demo

Topics: CEO Fraud

Subscribe To Our Blog

Weak Password Test Contest

Get the latest about social engineering

Subscribe to CyberheistNews