KnowBe4

Security Awareness Training Blog

CEO Fraud Blog

News about the latest CEO fraud attacks. See how the bad guys actually do this and how much money companies lose to this type of scam.

Brand-New Tool: Domain Doppelgänger Identifies Evil Twin Domains

I gave you a heads-up a few days ago, and now I'm excited to announce the actual release of a new tool to help protect your organization from the bad guys.
Continue Reading

Phishing Attack On Office 365 Account Leads To 3 Million CEO Fraud

A phishing attack on an Office 365-account enabled a 3 Mil CEO Fraud Scam at an investment firm.  Finnish antivirus company F-Secure reported on their blog. One of the employees at the ...
Continue Reading

[ALERT] CEO Fraud Escalates. Bad Guys Now Go After Employee Personal Address And Phone Number

KnowBe4 is observing a serious escalation of CEO Fraud. They are now requesting street addresses and personal phone numbers of employees—an attempt to contact and manipulate employees ...
Continue Reading

Size Still Doesn’t Matter Especially When It Comes To CEO Fraud

Lloyds Bank says that Business Email Compromise (BEC)—also known as CEO Fraud—rose by 58% in the UK over the past year. While BEC is often associated by the media with large firms, ...
Continue Reading

Email Impersonation aka CEO Fraud Remains on the Rise

With an average of 1 in 6 users receiving email-based impersonation attacks, it spells bad news for organizations.
Continue Reading

Scam Of The Week: *Another* New CEO Fraud Phishing Wrinkle

So, here's a new CEO Fraud phish: see these fresh screen shots from emails reported to us through the free KnowBe4 Phish Alert Button. Bad guys spoof the managing partner and CPA and an ...
Continue Reading

$250,000 CEO Fraud In A Municipal Finance Department

Local, state, and Federal authorities are investigating a phishing attack that victimized the city of Alamogordo, New Mexico. One of the city's procurement officers received what appeared ...
Continue Reading

FBI Warns that Business Email Compromise (CEO Fraud) is a "$12 Billion Scam"

The FBI is again warning of the threat posed by business email compromise (BEC, aka CEO Fraud) and email account compromise (EAC). Together, says the Bureau, these have cost businesses ...
Continue Reading

[Heads-up] Employees Sue Company For W-2 Phishing Scam. Federal Court Decides Triple Damages

Imagine my surprise when I saw a picture of myself in the blog of large North Carolina Law firm Poyner Spruill. It was all good though. They had picked up an example of a real W-2 ...
Continue Reading

Finally, The Criminals Pay in CEO Fraud Scam

Some good news finally. It seems that the bad guys do get caught sometimes. In this case, 70 cybercriminals in the U.S. and Nigeria.
Continue Reading

Surprise! What's The Country Where All The CEO Fraud Gangs Are?

A new study by Agari concludes that, despite all the attention nation-state espionage services have been getting for their phishing attacks, the big threat still comes from criminal gangs.
Continue Reading

The Class Action Litigation Consequences of Business Email Compromise Attacks

Sunil Shenoi, Seth Traxler and Gianni Cutri are partners at Kirkland & Ellis LLP and advise clients on a variety of data security issues, including responding to data security incidents, ...
Continue Reading

CEO Fraud Costs Major Airline Millions Of Dollars

This week the international carrier Japan Airlines (JAL) admitted it had fallen victim to CEO Fraud that cost it 384 million yen (about $3.39 million). The incidents took place in ...
Continue Reading

​Trend Micro: CEOs Are The Most Spoofed

Trend Micro researchers reported that  cybercriminals spoofed the CEO email address the most, with CFOs and finance directors being the top attack targets. In their 2017 Midyear Security ...
Continue Reading

MacEwan University Victim Of $11.8M CEO Fraud

CBC News reported that an Edmonton, Canada university was the victim of a $11.8 million CEO fraud attack after staff failed to call one of its vendors to verify whether emails requesting ...
Continue Reading

Nigerian Phishers Have Gone to School and Gotten Their CEO Fraud Diploma

The FBI calls CEO Fraud "Business Email Compromise" (BEC) and it has become a highly lucrative threat vector for attackers. According to IC3, the FBI's Internet Crime Complaint Center, ...
Continue Reading

The RopeMaker Exploit Can CHANGE An Already Delivered Email

Our friends at Mimecast are warning against something scary! This is a sobering example of why scanners and filters will always be behind in the security arms race... They wrote: "Most ...
Continue Reading

CEO Fraud Attacks Were Far More Lucrative than Ransomware over the Past 3 Years

Cisco's midyear report released this week showed that CEO Fraud netted cybercrime five times more money than ransomware over the last three years. The surprising highlight of Cisco's ...
Continue Reading

FBI: "Extortion And CEO Fraud Are The Top Online Fraud Complaints"

And victims aren't reporting ransomware attacks... Online extortion, tech support scams and phishing attacks that spoof the boss (CEO Fraud) were among the most damaging and expensive ...
Continue Reading

Southern Oregon University Lost $1.9 Million Due To CEO Fraud

Mail Tribune reported that Southern Oregon University is just the latest victim of CEO fraud (which the FBI calls Business Email Compromise or BEC) after hackers tricked university ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews