Half a million UK SMEs affected by CEO fraud
A recent study by Lloyds Bank has found that CEO fraud, through which someone impersonates the CEO of a company via email, is costing SMEs about £27,000. The study also revealed that this type of fraud is on the rise.
Barracuda Networks, an IT security company, discovered that CEO fraud is becoming a favourite method for cybercriminals to steal sensitive information, money and spread malware. The main purpose of CEO fraud is to fool email recipients into transferring money into the bank accounts of cybercriminals.
In case of CEO fraud, hackers take control of a CEO’s email account and then send emails to employees lower in the hierarchy to do a financial transaction on behalf of the company.
Around 53% of respondents to the Lloyds Bank survey said that they have had to deal with cybercriminals impersonating their bosses, and another 52% said that they had to contend with scammers posing as suppliers and submitting fake invoices with bank account details changed.
These invoice and CEO frauds are easy to perpetrate, as very few organisations have measures in place to verify email instructions from top executives and CEOs. In most cases, cybercriminals intercept legitimate emails and change the bank details of the beneficiary in a fraud has become highly prevalent, said Lloyds Bank.
The bank went on to add that CEO fraud is extremely worrying, as scammers can easily change details in a genuine and ongoing email thread. Recipients do not receive any warning signs that a fraud is being committed.
Lloyds Bank advised organisations to check for alterations of their financial information in email because it is not a secure mode of communication.
The survey found that CEO fraud has affected SMEs, with 7% experiencing financial problems after the fact and 6% having to make employees redundant due to financial issues.
With one in 12 survey participants claiming that they have fallen victim to CEO fraud, Lloyds Bank said that the issue has affected almost half a million UK SMEs in total.