Table of Contents:
Executive impersonation, also known as ‘CEO’ fraud, is the impersonation of trusted executives by hackers – and it’s on the rise. This can lead to employees, customers, or partners giving away sensitive information or money without so much as a second thought.
Impersonation scammers operate in a range of ways, such as through email phishing, fake social media accounts, and domain spoofing. Executive impersonation is highly lucrative for cybercriminals – and extremely damaging to companies: according to the Federal Trade Commision, impersonation scams cost businesses $2 billion from 2020 to 2021.
In this article, we help you to understand how executive impersonation works, why it’s more important than ever to protect your business against it, and how to do it.
Executive impersonation is when a cybercriminal pretends to be someone working at the company, usually in a leading position. Using fake profiles, they contact other executives, business partners, or customers to defraud them of money or sensitive data.
Executive impersonation scammers have a lot to gain from pretending to be company executives, and what they ask for generally fits into four categories:
The pandemic caused this type of cybercriminal attack to skyrocket. With company employees working from home, electronic communication was the only means for executives and employees to contact one another. And there’s no better hiding place for fraudsters than the internet.
This led to a steep rise in executive impersonation via a range of methods, such as email phishing scams, fake social media accounts, and domain spoofing. Between March and September in 2020, around 7000 company CEOs were impersonated.
The pandemic may be nearing its end and some employees are returning to the office, but be wary of letting your guard down. With flexible and remote working becoming increasingly popular and set to increase in 2023, it’s more important than ever for businesses to prevent outsiders from pilfering millions of dollars under the electronic guise of company peers.
Anyone can fall for a scam. Cybercriminals are becoming increasingly cunning in the way they acquire the information they need, and it can be difficult to spot the wolf in sheep’s clothing.
If you’re worried that someone may be impersonating an executive at your company, these are some of the signs you should be looking out for:
No one particular industry is targeted by executive imposters. Often, they are simply businesses with a compromised email system or the business operates via an unprotected business network.
The best way to protect your business from hackers is through preventative measures. Below is a list of ways you can guard your business against intruders and potentially devastating losses:
1- Educate your employees
Prevent scams by telling your employees what to look out for. Unusual emails, personal email addresses, urgency, tone: educate them about how executive impersonation works and the signs they should be wary of.
2- Keep up to date with the latest scams
The chances are if your business is being scammed, you are not the only one. Keep your ears open and read the news for any scam alerts, and alert your employees to new scams targeting businesses.
3- Ensure payment controls
Every business should configure their financial transaction systems to have secondary authentication. This could be in the form of an authorization code from an outside platform, or a phone call with the finance controller before the transaction takes place.
4- Proactively protect your business
There are some fundamental difficulties when it comes to tackling executive impersonation scams. It only takes a minute to set up a new email address or fake domain name, so you may identify and report one scammer – only for another to pop up somewhere else. This can be bypassed with technology-based solutions that stop impersonation scams in their tracks – and at scale.
Red Points Impersonation Removal Software automatically detects and takes down fake accounts, apps, sites and domains. It’s an all-encompassing solution that protects your business from impersonation scams around the clock.
Let’s summarize the key points from what we have learned:
See how you can automatically take down fake accounts, apps, sites and domains with Red Points.