Protecting Against CEO Fraud


While most people would think twice about helping out a down-on-their-luck Nigerian Prince, it’s a lot harder to dismiss an email that seems to be from your boss. This is what makes this type of phishing – commonly known as CEO Fraud – so effective. And it is not just CEOs. Any VIP in your company can be used to make an otherwise suspicious request seem legitimate at first glance: requests for things like bank transfers, gift cards or sensitive information.

I’ve certainly received my share of legitimate left-field requests, hastily typed on the way to a meeting or at 4am because their kid is awake. Requests for cool gadgets, gifts, or sponsorship for clients. Once I took a day off and came back to a Foosball table, because my boss thought it would be fun. He wasn’t wrong, even if it now lives in the kitchen because there is nowhere else to put it. $500 in gift cards doesn’t seem that strange after that.

Because it works so well, CEO Fraud phishing attacks are rampant. One of our clients received an email asking for a bank transfer from what looked like their CEO, but it sounded more abrupt than normal, so she walked down the hallway and asked. He knew nothing about it. That is the best-case scenario. Others have received emails like this when their CEO is travelling, or when they are about to leave for the day, and confirming that it is valid seems like more effort than it is worth. It’s from their boss after all. Unfortunately for them, when it concerns this sort of phishing, that is not a good cost-value proposition.

It’s hard work always being suspicious, which is why we are so excited about a new email security feature that we are going to be rolling out over the next couple of weeks called Identity Protection.

Identity Protection flags emails whose Display Name – the name you see as the sender of an email – matches that of a VIP in your organization. For example, if I received an email with a Display Name of Matt Dryfhout, but the email address did not match his primary company email, then it would be flagged with “Possible Impersonation” in front of the subject. This is the recipient’s cue to take a moment and verify that the email is legitimate before acting on it.
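To make the check concrete, here is an added sketch of display-name matching in Python; it is not the Identity Protection product's code, whose matching rules this post does not describe. The VIP address, the sample message, the `: ` separator after the tag and the word-order folding (so "Dryfhout, Matt" also matches) are assumptions made for the example.

```python
import unicodedata
from email import message_from_string
from email.utils import parseaddr

# Constructed VIP directory (assumed values): display name -> primary company address.
VIPS = {"Matt Dryfhout": "matt.dryfhout@example.com"}
TAG = "Possible Impersonation"

def normalize_name(name):
    """Fold case, Unicode compatibility forms (e.g. full-width letters),
    punctuation and word order."""
    folded = unicodedata.normalize("NFKC", name).casefold()
    words = "".join(c if c.isalnum() else " " for c in folded).split()
    return " ".join(sorted(words))  # "Dryfhout, Matt" and "Matt Dryfhout" compare equal

VIP_INDEX = {normalize_name(n): a.casefold() for n, a in VIPS.items()}

def is_possible_impersonation(from_header):
    """True when the display name is a VIP's but the address is not their primary one."""
    display, addr = parseaddr(from_header)
    primary = VIP_INDEX.get(normalize_name(display))
    return primary is not None and addr.casefold() != primary

def tag_message(raw):
    """Parse a raw message and prepend the tag to the subject if it is flagged."""
    msg = message_from_string(raw)
    subject = msg.get("Subject", "")
    if is_possible_impersonation(msg.get("From", "")) and not subject.startswith(TAG):
        del msg["Subject"]
        msg["Subject"] = f"{TAG}: {subject}"
    return msg

# Constructed sample message, not taken from a real incident.
SAMPLE = (
    "From: Matt Dryfhout <m.dryfhout.office@freemail.example>\n"
    "To: accounts@example.com\n"
    "Subject: Quick favour\n"
    "\n"
    "Are you at your desk?\n"
)

if __name__ == "__main__":
    print(tag_message(SAMPLE)["Subject"])
```

NFKC folding does not catch cross-script look-alikes (a Cyrillic letter inside a Latin name, for instance); covering those would need a confusables mapping on top of this.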

If you are a part of our Managed Services Program, we will be reaching out to you soon to get this set up.

If you are not and would like more information about our Managed Services, click here.