Asbestos surveyors transfer £50,000 to fraudsters after falling victim to CEO fraud
The CEO of an asbestos surveying company received an email from what appeared to be Microsoft, requesting that she validate her account details to continue using the Outlook service. As the email looked legitimate, the CEO clicked through to a landing page that also appeared legitimate, where she entered her login details.
This is known as a credential phishing scam, whereby cyber-criminals trick individuals into voluntarily handing over their login details, leading to inbox infiltration. CEOs and senior executives are often prime targets for cyber-criminals because they usually act as the face of their companies. As a result, their profiles on company websites and social media are often more detailed, allowing cyber-criminals to gather valuable information about them.
Completely unaware, the CEO had submitted her details to the fraudster, who now had full access to valuable information such as how and when invoices were processed by the company, and her whereabouts from her Outlook calendar. The fraudster waited until the CEO was travelling abroad, which was the perfect opportunity to carry out the attack on the business. Posing as a member of the accounts department for one of the business's suppliers, the fraudster sent an email to the CEO, attaching an invoice for £50,000. This again appeared legitimate, as the fraudster had used the exact template that the same supplier had sent on other occasions. The only difference was a change in the bank account details, which would re-route the payment to a fraudulent account.
The fraudster then logged back into the CEO's account and forwarded the email to an individual in the company's finance department, requesting that the payment be made urgently. Leaving a few days between two further requests, the fraudster was able to forward two further fraudulent invoices to the accounts department, which in turn made payments totalling £100,000.
It wasn’t until the CEO returned to the office that the payments were raised during a meeting and the scam was uncovered. These funds were irretrievable through law enforcement or the bank as the money had been moved out of the fraudulent account. Fortunately, the business had cyber insurance with our cyber partner and therefore, they were able to recover the losses in full.