More than 400 businesses get targeted by CEO fraud scams every day, a new report by security researchers Symantec says. CEO fraud is a type of scam in which cyber-criminals target financial staff, often posing as CEOs or other executives, and request large money transfers.
Even though it sounds too simple to work, its success rate is actually quite high, and relies mostly on putting financial staff under a lot of pressure through a sense of urgency, not giving them enough time to think things through.
From those 400 daily targets, small and medium-sized businesses (SMB) are the biggest target (40 per cent). The second largest industry is finance (14 per cent). On average, one company will have at least two individuals being targeted.
Organisations have lost more than $3 billion to these scams in the past three years, with more than 22,000 victims all over the world.
Another interesting takeaway from the report is the fact that one group holds responsibility for 12 per cent of all CEO fraud email traffic. Someone's been earning a lot of money.
Most common subject line is Request (25 per cent), followed by Payment (15 per cent), Urgent (10 per cent) and Transfer Request (9 per cent).
The FBI recently addressed the issue, describing some of the most common scenarios related to CEO fraud. It also gives suggestions and best practices regarding CEO fraud, and explains what a business should do if it becomes a victim of such a scam. The details can be found here.