FT: CEO Email Scam Costs Companies $2bn

A scam in which criminals impersonate the email accounts of chief executives has cost businesses around the globe more than $2bn in little over two years, according to the US Federal Bureau of Investigation.

The FBI has seen a sharp increase in “business email crime,” a simple scam that is also known as “CEO fraud”, with more than 12,000 victims affected globally.

In the scam, a criminal mimics a chief executive’s email account and directs an employee to wire money to an overseas bank account. By the time the company realises it has been duped, the money is gone.

Read more from the Financial Times:
How companies are hit by email scams
One in four companies hit by cyber attacks
Apple to strengthen iCloud encryption

The average loss is $120,000 but some companies have been tricked into sending as much as $90m to offshore accounts, US authorities say.

Reports of CEO fraud are accelerating. Between October 2013 and August 2015, about $1.2bn globally was lost to the scheme, the FBI said, but that loss increased by another $800m in the past six months. US authorities have traced the money involved to 108 countries.

“Criminals don’t have borders and this is a global problem,” said James Barnacle, chief of the FBI’s money laundering unit. “We’re working with our criminal investigation resources, our cyber resources, our international operations divisions — which is all our legal attachés overseas — and we’re working with foreign partners around the world to try to tackle this crime problem.”

The rise in reported CEO frauds can be partly attributed to companies detecting the crime, but it also reflects the simple nature of the scheme that can be run from anywhere around the globe.

“It’s easy. All you need is a computer,” Mr Barnacle said.

Most of the offshore bank accounts in which the money ends up are located in Asia or Africa, where it can be harder for the US to gain the assistance of local authorities.

The FBI has seen similarities between different CEO fraud schemes but it is not clear if there is one dominant global ring.

“We’re putting more resource to it. We’re trying to find those patterns,” Mr Barnacle said.

The FBI advises companies to be more guarded with their information even if it means taking additional steps that are not cost-effective, such as making a phone call to the executive to confirm the transfer.

The crime has hit very large companies and small ones. Most recently, there have been new reports in the US of criminals targeting real estate firms to steal closing fees on housing sales. Some companies have been asked by imposters to email employee wage and tax statements.

Last year police from Italy, Spain and other European countries arrested more than 60 members of an alleged criminal group, including several Nigerians, for their role in an email fraud scheme that affected hundreds of individuals and tens of companies.

Still, few cases have been made, reflecting the challenges of combating international cyber crimes.

 

Link:
http://www.cnbc.com/2016/02/25/ceo-email-scam-costs-companies-2bn.html &

http://www.ft.com/intl/cms/s/83b4e9be-db16-11e5-a72f-1e7744c66818,Authorised=false.html?siteedition=intl&_i_location=http%3A%2F%2Fwww.ft.com%2Fcms%2Fs%2F0%2F83b4e9be-db16-11e5-a72f-1e7744c66818.html%3Fsiteedition%3Dintl&_i_referer=http%3A%2F%2Fwww.ft.com%2Fhome%2Fus&classification=conditional_standard&iab=barrier-app