The Charity commission released a CEO fraud alert a few weeks ago. CEO fraud is not exclusive to charities though. We have seen it happen in all industries, including ours. Phishing attacks that spoof the boss (CEO) is among the costliest cyber scams reported by consumers and businesses last year.
CEO fraud involves the impersonation of the boss with subsequent requests for transfers of funds. What the fraudsters do is keep emailing the CEO for a period of time as they know that the CEO is on holiday. Once they know that that the CEO is on holiday they send emails to key managers to transfer funds to an account and also request that the CEO should not be contacted as he will be travelling for next few days.
Last week I received an email from my managing partner requesting for funds to be transferred to an account as he was on holiday. The fraudster didn’t know that the managing partner was in fact on holiday the week prior to me receiving the email!
The Charity Commission’s Protection and prevention advice:
- review internal procedures regarding how transactions are requested and approved, especially those in relation to verifying validity
- email addresses can be spoofed to appear as though an email is from someone you know. Check email addresses and telephone numbers when transactions are requested. If in doubt request clarification from an alternatively sourced email address/phone number
- if an email is unexpected or unusual, then don’t click on the links or open the attachments
- don’t be afraid to question details when being tasked to transfer money at short notice
- sensitive information you post publicly, or dispose of incorrectly, can be used by fraudsters to perpetrate fraud against you. The more information they have about you, the more convincingly they can purport to be one of your legitimate suppliers or employees. Always shred confidential documents before throwing them away
If you are worried about cybercrime and fraud, check out the National Fraud and Cybercrime Reporting Centre’s website at www.actionfraud.com. The website is packed with prevention advice and what you need to if you were a victim of Fraud.
To see a charity specialist, contact our partner Suda Ratnam on 020 8418 2681 or firstname.lastname@example.org
You can also follow us on Twitter for more tips and news surrounding the charity sector.