CEO fraud phishing is an email-based attack where hackers impersonate senior company executives to steal funds or gain access to sensitive business data or login credentials. In 2016, the FBI reported a 1300% increase over an 18-month period in business email compromise attacks of this kind.
CEO fraud typically uses spear-phishing techniques to dupe users into revealing sensitive information or transferring money to a fraudulent account. What is spear phishing? Spear-phishing is a targeted attack where hackers send an email that appears to come from a source the recipient would trust. In the case of CEO fraud phishing, the sender appears to be the company's CEO or another C-suite executive like a chief financial officer.
A CEO fraud phishing email typically asks the recipient to initiate a wire transfer to a vendor that ultimately proves to be fraudulent. CEO fraud phishing attacks often rely on two techniques to perpetrate this fraud: sending an email from a compromised email account of a senior employee, or sending an email impersonating a senior employee with an email address at a fake domain that looks very similar to a legitimate domain.
With millions of dollars lost is to CEO fraud phishing campaigns each year, companies clearly need anti phishing solutions that can protect employees, executives and organizations from falling prey to these attacks. Understanding how to spot phishing attacks is a good start, but sharing phishing tips with employees is unlikely to stop a CEO fraud phishing mail attack every time.
Fortunately, Mimecast provides a strong backup – anti phishing software that can prevent CEO fraud phishing with automated scans of all inbound and internal email to identify suspicious content, links and attachments.
Mimecast's CEO fraud phishing prevention services are part of an all-in-one, subscription-based service for email security, archiving and continuity. This easy-to-use solution can be implemented quickly – there is no hardware or software to install. And Mimecast CEO fraud phishing software and other email solutions can be easily managed through a web-based interface on a single pane of glass.
Mimecast Targeted Thread Protection – Impersonation Protect was the first solution for CEO fraud phishing brought to market, and it provides instant and comprehensive protection against these kind of impersonation attack. To identify, block and remediate CEO fraud phishing emails, Mimecast can:
Learn more about CEO fraud phishing and Mimecast.