The dangers of CEO fraud phishing
CEO fraud phishing is an email-based attack where hackers impersonate senior company executives to steal funds or gain access to sensitive business data or login credentials. In 2016, the FBI reported a 1300% increase over an 18-month period in business email compromise attacks of this kind.
CEO fraud typically uses spear-phishing techniques to dupe users into revealing sensitive information or transferring money to a fraudulent account. What is spear phishing? Spear-phishing is a targeted attack where hackers send an email that appears to come from a source the recipient would trust. In the case of CEO fraud phishing, the sender appears to be the company's CEO or another C-suite executive like a chief financial officer.
A CEO fraud phishing email typically asks the recipient to initiate a wire transfer to a vendor that ultimately proves to be fraudulent. CEO fraud phishing attacks often rely on two techniques to perpetrate this fraud: sending an email from a compromised email account of a senior employee, or sending an email impersonating a senior employee with an email address at a fake domain that looks very similar to a legitimate domain.
CEO fraud phishing prevention with Mimecast
With millions of dollars lost is to CEO fraud phishing campaigns each year, companies clearly need anti phishing solutions that can protect employees, executives and organizations from falling prey to these attacks. Understanding how to spot phishing attacks is a good start, but sharing phishing tips with employees is unlikely to stop a CEO fraud phishing mail attack every time.
Fortunately, Mimecast provides a strong backup – anti phishing software that can prevent CEO fraud phishing with automated scans of all inbound and internal email to identify suspicious content, links and attachments.
Mimecast's CEO fraud phishing prevention services are part of an all-in-one, subscription-based service for email security, archiving and continuity. This easy-to-use solution can be implemented quickly – there is no hardware or software to install. And Mimecast CEO fraud phishing software and other email solutions can be easily managed through a web-based interface on a single pane of glass.
Mimecast solutions for stopping CEO fraud phishing
Mimecast Targeted Thread Protection – Impersonation Protect was the first solution for CEO fraud phishing brought to market, and it provides instant and comprehensive protection against these kind of impersonation attack. To identify, block and remediate CEO fraud phishing emails, Mimecast can:
- Scan all inbound email in real-time to detect header anomalies, domain similarity, sender spoofing and suspect content – all indications of potential CEO fraud phishing.
- Provide protection against external domain similarity to prevent attacks where hackers exploit trusted third-party relationships and well-known brands.
- Inspect character sets to detect similarities that may not be visible to a user's eye.
- Enable centralized policy management that simplifies reporting and early detection of CEO fraud phishing attacks.
Learn more about CEO fraud phishing and Mimecast.