Don't be harpooned...

Business Email Compromise, or BEC attacks have been observed targeting top executives in companies large and small. The fraudsters who specialize in this fraud have a new trick up their sleeves.

In a recent case, a firm hired a new CFO in January. Within weeks of his arrival, he received spoofed emails from the organization’s CEO, asking human resources and the accounting department for employee W-2 information.

Fraudsters go for W-2 information because it contains virtually all of the data they would need to fraudulently file someone’s taxes and request a large refund in their name.
These scams are quite sophisticated and have been very successful.  What's different about them is that the thieves are not taking the money directly, they are persuading employees in trusted positions unknowingly to send it to them.

They often attempt to find out when the executive might be travelling and often compromise other employees’ inboxes beforehand via a phishing attack to gain access and scan the content for keywords that show whether the company regularly wires transfers. Once access has been gained, they will tailor the emails with wording to make it appear as though the executive is in urgent need and not in the office by adding “sent from my mobile device” as the signature. 

Be Wary!

Rob Kleeger

Digital4nx Group, Ltd., 8 South Main Street - Unit 70, Marlboro Township, NJ, 07746, United States

Rob Kleeger is the Founder and Managing Director of Digital4nx Group, a boutique firm which offers regional digital forensics services for plaintiffs and defendants in various civil and criminal legal matters. Digital4nx Group provides Digital Forensic Investigations, Electronic Discovery Consulting and Advisory Service, Incident Response to Data Breaches and Cyber Security services.

Real Time Analytics