Corporate Phishing Emails by your Own CEO or CFO

Levers of Control > Forum Log in

Corporate Phishing Emails by your Own CEO or CFO
Eugene James, Manager, Switzerland

Phishing emails constitute a serious threat to the financial stability of a firm. Traditionally, a phishing email involves an unknown sender that requests a recipient to access a web link, which then aks the user to enter certain account data (username, password, ) which then enable the sender of the email to break into the recipient's information system and gain access to confidential information or to perform transactions.

In recent times, criminals have raised their game to introduce a more devious form of phishing email to extort considerable sums of money from unsuspecting finance officers. The practice consists of posing requests as a senior executive within the firm such as the CEO or CFO with similar looking email domain names and request the recipient to urgently transfer a (large) sum of money for fake purposes, such as the acquisition of assets or a company related expense. In the United Kingdom, estimates suggest that 7.6 million were stolen from companies in this manner or related means. In France, around 15,000 companies suffered a similar fate, accounting for 465 million worth of losses since 2010, while in the United States around $740 million were extorted.

According to Katie Morley, to avoid such disastrous outcomes, finance departments must carry out robust due diligence featuring the following practices:
  • VERIFY personally or via phone whether the sender genuinely requests a particular transfer.
  • SET UP an authorization channel, gathering several checks and sign-offs prior to payment submissions.
  • TREAT any unexpected or sudden mail with great caution.
  • CREATE robust passwords and avoid using the same ones for various logins.
  • CHECK for any change in language or style from the sender.
Marie Keyworth & Matthew Wall, "The Bogus Boss' Email Scam Costing Firms Millions", BBC, 8 January 2016
Katie Morley, "Latest Scam - Fraudsters Claiming to be your Boss", The Telegraph, 20 October 2015



    Do you wish to study further? You can learn more from the summary, forum, discussions, lessons, courses, training, instructions, expert tips, best practices and education sources. Register.  

Special Interest Group Leader

You here

More on Levers of Control
Best Practices

Expert Tips


About 12manage | Advertising | Link to us | Privacy | Terms of Service
Copyright 2016 12manage - The Executive Fast Track. V14.1 - Last updated: 21-10-2016. All names tm by their owners.