CFO Fraud

    The dangers of CFO fraud.

    CFO fraud is a new kind of cyber threat that seeks to defraud companies by targeting high-level financial administrators. Collectively known as "whaling," CFO fraud and similar attacks on CEOs and other top executives seek to compromise an organization's security by duping members of finance teams into wiring cash to hackers and cyber criminals. [1] These types of attacks have risen sharply in the past couple of years — the FBI's Internet Crime Center, or IC3, reported in August 2015 that successful attacks had increased by 270% since the beginning of the year.

    CFO fraud usually begins with a spear-phishing email that appears to be from the CFO or another high-ranking executive and requests a wire transfer be made to an account that is later discovered to be fraudulent.

    Preventing CFO fraud requires more than employee education, as nearly one-quarter of employees continue to open spear-phishing emails even after receiving training to spot such fraudulent attempts. To prevent spear phishing and CFO fraud, organizations need powerful phishing protection that can eliminate the potential for human error in identifying and responding to suspicious emails.

    That's where Mimecast can help.

    [1] "FBI Warns of Dramatic Increase in Business E-Mail Scams" - Federal Bureau of Investigation, April 2016




    Prevent CFO fraud with Mimecast

    Mimecast Targeted Threat Protection with Impersonation Protect is Mimecast's solution for CFO fraud and other kinds of whaling attacks. This service scans all email and uses key indicators to determine whether an email is likely to be part of a CFO fraud attempt or another kind of attack that uses social engineering, such as spear-phishing and virus ransomware.


    How Mimecast stops CFO fraud

    To stop phishing emails and CFO fraud, Mimecast scans each message for specific signs of fraud. These indicators include:

    • A sending domain name that is a near match to the recipient's corporate domain name.
    • A display or friendly name that appears to be from a spoofed Internet email address.
    • A domain name that has been newly registered and which is more likely to be suspicious.
    • Specific keywords in the body of the message such as "bank transfer" or "wire transfer."

    When an email is deemed suspicious, Mimecast can block it, bounce it or tag it as suspicious to ensure that employees receiving the email are not tricked into making fraudulent wire transfers or revealing sensitive employee data.
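
    The four indicators listed above, combined into a disposition, can be sketched as follows. This is an added example and not Mimecast's code or scoring logic; the corporate domain, protected name, edit-distance threshold, 30-day window, block/tag policy and sample messages are all assumptions constructed for illustration.

```python
from datetime import date
from email.utils import parseaddr

CORP_DOMAIN = "example.com"                    # assumed corporate domain
EXECUTIVES = {"jane doe"}                      # assumed protected display names
KEYWORDS = ("bank transfer", "wire transfer")  # keywords quoted on the page
NEW_DOMAIN_DAYS = 30                           # assumed "newly registered" window

def edit_distance(a, b):
    """Levenshtein distance, used here to spot look-alike domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def indicators(from_header, body, registered, today):
    """Return the indicators a message trips. `registered` is the sender
    domain's registration date from a lookup done elsewhere, or None."""
    name, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower()
    external = domain != CORP_DOMAIN
    hits = set()
    if external and edit_distance(domain, CORP_DOMAIN) <= 2:
        hits.add("near_match_domain")
    if external and name.strip().lower() in EXECUTIVES:
        hits.add("display_name_spoof")
    if registered is not None and (today - registered).days <= NEW_DOMAIN_DAYS:
        hits.add("new_domain")
    if any(k in body.lower() for k in KEYWORDS):
        hits.add("keyword")
    return hits

def disposition(hits):
    """Assumed policy: block on 3+ indicators, tag on 2, otherwise deliver."""
    return "block" if len(hits) >= 3 else "tag" if len(hits) == 2 else "deliver"

# Constructed sample messages: (From header, body, domain registration date)
SAMPLES = [
    ('"Jane Doe" <jane.doe@examp1e.com>', "Please send the wire transfer today.", date(2024, 5, 28)),
    ('"Jane Doe" <jane.doe@freemail.test>', "Can you arrange a bank transfer?", date(2010, 1, 1)),
    ('"Jane Doe" <jane.doe@example.com>', "The wire transfer policy is attached.", date(1995, 1, 1)),
]

if __name__ == "__main__":
    for sender, body, reg in SAMPLES:
        hits = indicators(sender, body, reg, today=date(2024, 6, 1))
        print(disposition(hits), sorted(hits), sender)
```

    The third sample shows why a keyword alone should not trigger action: a genuine internal message about wire transfers trips one indicator and is delivered.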

    Learn more about preventing CFO fraud with Mimecast, and about Mimecast solutions for Office 365 phishing scams and email phishing scams.
