For the last 9 years I have been a board member of the public/private Clearwater Downtown Partnership. And as many public organizations, all the board member information is freely available through the website.
So, some half-smart phishing scammer sent me a CEO fraud email, demanding I send money urgently to a bank account. It was clear as daylight checking the headers that it was a fraud. I decided to see how long we could keep that going, here is the whole email exchange blow-by-blow:
Stu ,
How are you doing! Please I want you to make transfer payment of $5,250 on behalf of the association today, i will like to know available balance on our account i need you to handle this right away, while i send you the beneficiary bank info.
Regards.
Grant Wood
Sent from my iPad
Well, that sounds like fun! My answer:
Sure! Where do you need it sent?
Stu
Sent from my iPad
So he sends me back detailed bank instructions, pretty much right away:
Stu ,
Below is the bank details required for the outgoing wire transfer in the amount of $5,250.
Bank Name: Greendot Bank Account
Name: Ricky Duran
Account No: 20121005075110
Routing No : 124303120
Bank Address: 3330 Southwest 17th Street Oklahoma City, OK 73108
Have this remitted, send me confirmation when completed and keep the original copy for your reference. Regards.
Grant Wood
Sent from my iPad
Next, I ask this:
Hey Grant,
What is this for please? I need to book this under the right account
Stu
Mr. Nigerian Bad Guy comes back with:
Stu,
It is for Supply Service to CDP. Book it as (Supply Service)
Regards.
Grant Wood
Sent from my iPad
So, we decide the throw him for a loop and see what he does:
I'm sorry Grant, I lost the password to the Bank Account!
:-(
Stu
He's showing some creative problem solving here! Check this out:
Stu ,
You can as well get this done in the bank. We need to sort this out today.
Regards.
Grant Wood
Sent from my iPad
So now I decide to see what happens when we try to stall a bit further. Check it out, he now resorts to thinly veiled threats ! (all typos and grammar are his)
Stu ,
Nevermind, I will have to table this matter before the board. How can we pend something that needs urgent attantion here because you forgot the code and super busy.
Regards.
Grant Wood
Sent from my iPad
Wow, now I'm getting scared!
I'm very sorry Grant.
How can I make up?
Stu
Grant shows his generous side: :-)
Stu,
You just need to complete this today.
Grant.
Sent from my iPad
Next I'm getting interested in de bank details:
OK. Just.. Who is this Ricky Duran?
Stu
Uh-Oh, The stick comes out again !
Stu ,
He is the vendor (Supplier). Are you doubting me?
Regards.
Grant Wood
Sent from my iPad
I'm being contrite and try to be my best self...
No, no, absolutely not. But it's my responsibility to keep the books in order.
Where are you today?
Stu
Mr Bad Guy knows how to use Google Maps apparently. This is 200 Miles north from us. His English is deteriorating.
Stu,
In Olustee for a meeting. Kindly, send me the cofirmation slip when you are done with the transfer.
Regards.
Grant Wood
Sent from my iPad
I know, curiosity is a bad habit but I cannot help myself and ask after an hour of more stalling:
Sorry ! I was in a meeting !
Oh, by the way, what are you doing in Olustee?
Stu
He's stern with me now, trying to assert the fact he's the Chairman of our group:
Stu ,
I am in a business meeting.
Regards.
Grant Wood
Sent from my iPad
I decide to stay quiet for a while and see if he comes back, I do have a job to do. But sure enough...
Stu ,
I am still waiting to hear from you.
Regards.
Grant Wood
Sent from my iPad
Now I am on my knees begging for forgiveness! :-)))
Grant, I am very, very sorry and I do not want to cause a bad impression for the board.
But I have been in urgent meetings all afternoon. Is it really urgent?
Stu
OK, I see that this can't wait any longer after I get the next answer. I will just have to transfer the money now. LOL
Stu,
This is extremely urgent.
Regards.
Grant Wood
Sent from my iPad
This thing has gone on during the whole day, and I decide to clarify who I am.
"Grant",
You omitted to do a bit of research. Check out what I do for a living...You have been reported to the FBI and that bank account will be shut down soon. Get a life.
Stu
Answer from Mr Bad guy:
...crickets...
Since CEO Fraud has been skyrocketing the last 12 months, causing at least a whopping 1 Billion dollars in damage, it's a must stepping your users through effective security awareness training which includes frequent simulated attacks.
For instance, KnowBe4's integrated training and phishing platform allows you to send fully simulated CEO Fraud emails so you can see which users answer the emails and/or click on links in them or open infected attachments.
See it for yourself and get a live, one-on-one demo.
PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:
https://info.knowbe4.com/kmsat-request-a-demo
