CEO Fraud and how to prevent it

Surviving a two-year global pandemic has given CEOs and company owners enough headaches to last a lifetime. To that, add the fact that cybercriminals are also ramping up efforts to hack computer systems in order to impersonate top-level executives and gain access to sensitive corporate information, or worse still, authorisation for financial transactions, and it becomes clear that business owners have their work cut out for them.

CEO Fraud, otherwise known as Business Email Compromise (BEC), has increased drastically over the past years. The scam is generally carried out by sophisticated cybercriminals who manage to compromise legitimate business email accounts through methods known as social engineering or computer intrusion techniques.

How can you guide your organisation to prevent CEO fraud? Here’s a simple yet effective checklist that can help you and your organisation to avoid much heartache:

1. Business owners need to ensure that everyone across their company stores passwords safely

To start off, the most important thing that any company can do is safeguard its passwords.

For those who are more forgetful, there are a plethora of apps that can be used to safely secure your sensitive company passwords. Alternatively, some might prefer to go old-school and write passwords on a notebook. Hackers certainly do not have access to those.

Additionally, business leaders must understand and stress the importance of strong passwords from day one. It is important for leaders to ensure that managers are giving their employees the right kind of training when it comes to company security.

2. Independently verify payment requests

Any payment requests from suppliers or service providers with new or amended bank details received by email or phone should be independently verified. This also includes internal emails from senior management that contain payment requests.

3. Count to 1,2, 3

If you are being pressured to urgently settle a payment request, even if they appear to originate from somebody senior within your organisation, remember that this is a highly common tactic used by fraudsters hoping that the false sense of urgency will prevent business leaders from being discerning.

4. Less is more

The old adage of ‘less is more’ continues to hold. Being mindful of how much information you reveal about your company and its senior officials via social media platforms and out-of-office emails can go a long way in withholding key information to potential hackers.

5. Knowledge is king

It is essential to make all staff aware of this type of fraud, particularly those responsible for making payments and effecting transactions. Communication between colleagues, even simply picking up the phone when a payment request comes in is a small but highly effective way of bypassing scammers.

The best way to avoid such situations is for company owners to make sure that employees are aware of the dangers of clicking on unknown links, and to double check whenever they receive emails that might look suspicious or out of the ordinary. Training is key.

Prevention is always better than cure and a little bit of extra attention will certainly do no harm.