Almost everyone has heard of the Nigerian Prince email. Some of you may have even received the email from the Nigerian Prince during the baby step years of the internet. A small portion of you may have even fallen prey to this email.
This email (while laughably funny and ridiculous) caused quite a number of individuals to lose serious sums of money. This scam has not only been used via the internet, but also through fax and traditional mail, making the elderly prime targets and victims for this sort of scam.
Cyber Criminals targeting individuals
The now notorious Nigerian Prince Email Scam (AKA 419 Scam) has been sent out to millions of email addresses with the hope of “phishing” some funds from an individual or individuals that considered the email as a worthwhile and legitimate investment. The email was sent from a supposed Nigerian Prince who promised riches, of course in exchange for a temporary disclosed transaction to his bank account. Now I don’t need to tell you that he didn’t come true on his promise, or that he was even a Prince for that matter!
This sort of scam; while still in existence, is no longer at the forefront of most cybercriminal strategies. As time has gone on, internet users have become more savvy and aware of the warning signs of a “phishing” scam. This has meant that online fraudsters have had to evolve their strategies and refine their criminal activities in order to successfully steal your money.
How Cyber Criminals are targeting Businesses today
The best scams back in the day would use information from either publicly trusted figures or authoritative members of society and present that information to the victim in a way that suggests it was sent by the figure or authority. Today, it’s reasonably easy to detect this sort of online scam and completely ignore it.
But how about this:
Let’s say you’re at work, just going about your daily tasks and then an email lands in your employees inbox from you, except the email wasn’t actually sent by you.
The email has all the quirks and writing mannerisms they would expect from you, so nothing strikes them as out of ordinary. They continue reading the email and start to notice a few things that seem a little strange, but the email talks generally about a project that you have been working on with them so they don’t completely distrust the source of this email.
The email is requesting that they send a hefty amount of money to an account you have never seen before. The email covers for this unknown account and is making it a point that the transaction is urgent, and must be done soon.
They reply to the email and ask if it is really you. The email replies with some irritation, stating that it truly is you, and your employee must make the transaction soon.
Worried that your employee may have upset you, they decide to send the money to this account not wanting to hesitate any further. They wanted to talk to you, but the urgency in the email meant that they didn’t.
The money disappears and you and your employee have no clue how something like this could have happened.
What is “CEO Scamming”?
CEO scamming has become an extremely successful stream of revenue for online fraudsters looking to pull in big bucks quick. Like a top of the class student, our favourite cybercriminals pour their time into investigating and studying the business they are targeting as well as gathering information on the CEO/Director/General Manager of the business. They then use this unique information to coerce employees into releasing sensitive information or funds through email.
Some craftier scammers study the figureheads of the business they are targeting to create a believable narrative in their emails. This means the employee can be more likely to comply with the instructions, and not seek a second opinion from a colleague or overseer.
How do I avoid the CEO Scam?
The best possible defense against this sort of scam is a healthy line of communication.
If you are an employee, is your boss:
- Easy to talk to?
- Easily accessible?
If such a situation were to arise, you would seriously hope that all of these questions answered with a confident “Yes”.
If you’re a Boss:
- Do you have protocol in place for suspicious emails?
- Are your employees trained to detect potential phishing scams?
- Do project yourself as approachable, reasonable, and available to your employees; especially concerning serious subjects such as money, health, and personal circumstances?
If you find yourself agreeing with the bullet points above, you can rest easy knowing your business won’t be under major threat of a CEO Scam. However, if you feel that you can’t resolve at least one of the questions listed above with a positive answer, you may need to review those areas to better secure and protect your business.
Bryn deals directly with assisting small to medium business clients, whether in early stage or mature, in relation to their Accounting, Taxation, and Business Growth. If you’d like to speak with Bryn about growing your business, contact us