CEO Fraud - Million Dollar Crime

2 September 2016

The phenomenon of so-called "CEO fraud", a sophisticated e-mail scam in which the attacker spoofs a message from company management to deceive someone at the company into wiring funds to the fraudsters, hit the German MDAX company Leoni AG last month with a loss of around 40 million euros.

Unlike traditional phishing scams, the spoofed e-mails used in "CEO fraud" schemes are usually based on more or less sophisticated social engineering by organized criminals, which enables them to understand the company's internal relationships, activities and interests as well as its travel and purchasing plans.

It is worth noting that Leoni AG stated that "The criminal activities have not affected the IT infrastructure or data security" of the company, which means that the criminal activity against the company was based solely on sophisticated profiling and not on a hardware-intensive cyberattack against the company's IT infrastructure.

Such profiling cannot be countered by expensive technical solutions, as it targets the human factor in the company's organization. It can only be addressed by comprehensive awareness-raising among management staff and constant surveillance of financial processes, within the framework of a comprehensive company policy on the non-disclosure of company information.

Similar cases this year, such as the Austrian FACC Operations GmbH (a loss of around 50 million euros) or the US-based Mattel Corp. (around 3 million US dollars, which were returned by a fortunate coincidence), underline this requirement, as no sophisticated software attack against the company network was needed to initiate the cash flow.

For more information about the issue, please see the links below:

Press Release by Leoni AG

Further Details of the Leoni AG Scam on knowbe4.com

Further Information about the FACC Operations GmbH Scam

Further Information about the Mattel Corp. Scam

Scam Awareness Flyer of the German Federal Crime Agency (BKA)
