EAST POLL January to April 2020
CEO Fraud (also known as Business Email Compromise or BEC Fraud) is a type of spear-phishing email attack in which the attacker impersonates your Chief Executive, Managing Director or other business leader (CEO). Typically, the attacker aims to trick you into transferring money to a bank account owned by the attacker, sending confidential information on other staff members, or revealing other sensitive information.
A CEO Fraud email is typically launched in one of two ways. The first is name spoofing, where the attacker uses the name of your CEO but a different (although very similar) email address to trick you into responding. The second is name and email spoofing, where the attacker uses the name of the CEO along with the correct email address, but with a reply-to email address that is different to the sender’s email address.
CEO fraud is dangerous because the attacker relies on the authority of the CEO to obtain sensitive information or acquire cash. Many employees are reluctant to question a request from their CEO and will fall into the trap of responding to the email.
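Both delivery patterns described above leave traces in the message headers that a mail filter or an analyst can check. The following Python sketch is an added example, not part of the EAST page; the executive directory, the addresses and the sample messages are constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Constructed directory of protected senders: display name -> real address.
EXECUTIVES = {"jane doe": "jane.doe@example.com"}

# Constructed sample messages, one per case.
SAMPLES = {
    # Right display name, lookalike domain ("examp1e" with a digit one).
    "lookalike": "From: Jane Doe <jane.doe@examp1e.com>\n"
                 "To: ap@example.com\nSubject: Urgent payment\n\nPay today.\n",
    # Right display name and address, but replies go somewhere else.
    "reply_to": "From: Jane Doe <jane.doe@example.com>\n"
                "Reply-To: jane.doe@example-mail.net\n"
                "To: ap@example.com\nSubject: Urgent payment\n\nPay today.\n",
    # Genuine message: matching address, no diverging Reply-To.
    "legit": "From: Jane Doe <jane.doe@example.com>\n"
             "To: ap@example.com\nSubject: Board pack\n\nAttached.\n",
}

def _norm(name):
    """Lower-case and collapse whitespace so 'Jane  DOE' matches 'jane doe'."""
    return " ".join(name.lower().split())

def check_ceo_fraud(raw, executives=EXECUTIVES):
    """Return the list of findings for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    name, addr = _norm(name), addr.lower()
    reply_to = [a.lower()
                for _, a in getaddresses(msg.get_all("Reply-To", [])) if a]
    findings = []
    # Pattern 1: an executive's name on an address that is not theirs.
    known = executives.get(name)
    if known and addr != known:
        findings.append("name_spoofing")
    # Pattern 2: the executive's real address in From, but replies diverted.
    if addr in executives.values() and any(r != addr for r in reply_to):
        findings.append("reply_to_mismatch")
    return findings

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, check_ceo_fraud(raw))
```

A flagged message is a candidate for quarantine or a warning banner; any payment request it carries should still be confirmed through a separate channel.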
Does your company/organisation have guidelines/policies to make employees aware of the risks of CEO Fraud? Take the poll to express your view.
Your opinion counts. Through these research polls, EAST regularly seeks to generate insight and opinion from members and non-members on a range of Payment and Terminal security and related issues.
Please check back regularly to share your views. Contact us if you would like to pass additional feedback to EAST on this topic. Past poll results are in the file below.