CEO Fraud - Million Dollar Crime

2 September 2016

The phenomenon of so-called “CEO fraud”, a sophisticated e-mail scam in which the attacker spoofs a message from company management to deceive someone at the company into wiring funds to the fraudsters, hit the German MDAX company Leoni AG last month with a loss of around 40 million euros.

Unlike traditional phishing scams, the spoofed e-mails used in “CEO fraud” schemes are usually based on more or less sophisticated “social engineering” by organized criminals, which enables them to understand the company's internal relationships, activities and interests as well as its travel and purchasing plans.

It is worth noting that Leoni AG stated that “The criminal activities have not affected the IT infrastructure or data security” of the company, which means that the criminal activity against the company was based solely on sophisticated profiling and not on a hardware-intensive cyberattack against the company's IT infrastructure.

Such profiling cannot be countered by expensive technical solutions, as it targets the human factor in the company's organization. It can only be faced by a holistic sensitization of management staff and constant surveillance of financial processes, within the framework of a comprehensive company policy covering the non-disclosure of company information.

Similar cases this year, such as the Austrian FACC Operations GmbH (a loss of around 50 million euros) or the US-based Mattel Corp. (around 3 million US dollars, which was returned by fortunate coincidence), underline this requirement, as no sophisticated software attack against the company network was needed to initiate the cash flow.

For more information about the issue, please click on the links below:

Press Release by Leoni AG

Further Details of the Leoni AG Scam on knowbe4.com

Further Information about the FACC Operations GmbH Scam

Further Information about the Mattel Corp. Scam

Scam Awareness Flyer of the German Federal Crime Agency (BKA)
