Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    [FBI ALERT] Dramatic Increase in e-mail CEO Fraud To 2.3 Billion.

    FBI CEO Fraud AlertA brand new Alert by the FBI on April 4th 2016 warns of a major increase in what they call business email compromise or BEC (we call it CEO Fraud), amounting to a whopping $2.3 billion in losses. This is very relevant information if you are discussing IT security budget.

    FBI officials are warning potential victims of a dramatic rise in the business e-mail compromise scam a scheme that targets businesses and has resulted in massive financial losses. KnowBe4 has been warning against this kind of threat for a while now, and our platform is able to simulate CEO fraud phishing attacks to inoculate employees against this type of attack.

    Here is what the FBI said: "The schemers go to great lengths to spoof company e-mail or use social engineering to assume the identity of the CEO, a company attorney, or trusted vendor. They research employees who manage money and use language specific to the company they are targeting, then they request a wire fraud transfer using dollar amounts that lend legitimacy.

    Stop Look and Think

    "There are various versions of the scams. Victims range from large corporations to tech companies to small businesses to non-profit organizations. Many times, the fraud targets businesses that work with foreign suppliers or regularly perform wire transfer payments.

    • Law enforcement globally has received complaints from victims in every U.S. state and in at least 79 countries.
    • From October 2013 through February 2016, law enforcement received reports from 17,642 victims.
    • This amounted to more than $2.3 billion in losses.
    • Since January 2015, the FBI has seen a 270 percent increase in identified victims and exposed loss.
    • In Arizona the average loss per scam is between $25,000 and $75,000.

    UPDATE: New FBI statistics as of June 2016 put the total dollar loss figure over $3bil within the US and internationally.

    If your company has been victimized by a BEC scam:

    • Contact your financial institution immediately
    • Request that they contact the financial institution where the fraudulent transfer was sent
    • File a complaint—regardless of dollar loss—with the IC3.

    FBI Tips for Businesses:

    • Be wary of e-mail-only wire transfer requests and requests involving urgency
    • Pick up the phone and verify legitimate business partners
    • Be cautious of mimicked e-mail addresses
    • Practice multi-level authentication

    KnowBe4 can add a few bullet points to these tips:

    • Send high-risk users a spoofed CEO email as an effective security awareness training exercise.
    • Do a Domain Spoof Test and find out if your email server is configured to block spoofing, most are not!

    Try to spoof me!

     

     

    Return To KnowBe4 Security Blog

    Topics: CEO Fraud

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews