FBI ALERT: Cybercriminals Spoof Your Domain With CEO Fraud

FBI ALERT: Cybercriminals Spoof Your Domain With CEO Fraud

The FBI recently warned against a new cyber crime wave. It's called "CEO Fraud" where cybercriminals impersonate your CEO using your own spoofed domain name, and order employees to transfer large amounts of money out of the country.

It happens to both small and medium organizations and the average damage per incident is 100,000 dollars. These cyber criminals monitor the email of the CEO for months, wait for the right time to pounce, and then send urgent emails that look like they come from the CEO ordering wire transfers.

Very often they can spoof your own domain name, if your email server is not configured correctly. To prevent this new type of CEO fraud, your email server should block incoming emails that look like they come from your own domain, but many email servers are misconfigured and allow these spoofed emails in.

KnowBe4 can help you find out if this is the case. There is no charge and it just takes one email from us to you. While we are on the phone, we will send a spoofed email "from you to you" and if it makes it through into your inbox, you know you have a problem that needs to be moved to the top of the list of urgent things to fix.

This is a simple, non-intrusive "pass/fail" test. No hacking required, it literally takes just one email sent by us, that is all. It's called the KnowBe4 Domain Spoof Test (DST), and you can sign up right now.

If you have not done this yet, I strongly recommend you do this immediately. If you don't do it, cybercriminals will.

Can hackers spoof an email address of your own domain?

DSTAre you aware that one of the first things hackers try is to see if they can spoof the email address of your CEO? If they are able to commit "CEO Fraud", penetrating your network is like taking candy from a baby.

Now they can launch a "CEO fraud" spear phishing attack on your organization, and that type of attack is very hard to defend against, unless your users are highly ‘security awareness’ trained.

Find out now if your domain can be spoofed. The Domain Spoof Test (DST) is a one-time free service. Run this test so you can address any mail server configuration issues that are found.

Try To Spoof Me!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Topics: CEO Fraud

Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews