Corporate Phishing Emails by your Own CEO or CFO

Levers of Control
Knowledge Center


New Topic

Eugene James
Manager, Switzerland

Corporate Phishing Emails by your Own CEO or CFO

Phishing emails constitute a serious threat to the financial stability of a firm. Traditionally, a phishing email involves an unknown sender that requests a recipient to access a web link, which then aks the user to enter certain account data (username, password, ) which then enable the sender of the email to break into the recipient's information system and gain access to confidential information or to perform transactions.

In recent times, criminals have raised their game to introduce a more devious form of phishing email to extort considerable sums of money from unsuspecting finance officers. The practice consists of posing requests as a senior executive within the firm such as the CEO or CFO with similar looking email domain names and request the recipient to urgently transfer a (large) sum of money for fake purposes, such as the acquisition of assets or a company related expense. In the United Kingdom, estimates suggest that 7.6 million were stolen from companies in this manner or related means. In France, around 15,000 companies suffered a similar fate, accounting for 465 million worth of losses since 2010, while in the United States around $740 million were extorted.

According to Katie Morley, to avoid such disastrous outcomes, finance departments must carry out robust due diligence featuring the following practices:
  • VERIFY personally or via phone whether the sender genuinely requests a particular transfer.
  • SET UP an authorization channel, gathering several checks and sign-offs prior to payment submissions.
  • TREAT any unexpected or sudden mail with great caution.
  • CREATE robust passwords and avoid using the same ones for various logins.
  • CHECK for any change in language or style from the sender.
Marie Keyworth & Matthew Wall, "The Bogus Boss' Email Scam Costing Firms Millions", BBC, 8 January 2016
Katie Morley, "Latest Scam - Fraudsters Claiming to be your Boss", The Telegraph, 20 October 2015

Start a new forum topic


More on Levers of Control:
Special Interest Group

Do you have a keen interest in Levers of Control? Become our SIG Leader

Levers of Control
Knowledge Center

About 12manage | Advertising | Link to us / Cite us | Privacy | Suggestions | Terms of Service
2021 12manage - The Executive Fast Track. V15.8 - Last updated: 5-12-2021. All names of their owners.