The National Fraud Intelligence Bureau (NFIB) has seen an increase in the volume of CEO Fraud reports in recent months. This has resulted in substantial financial losses for several businesses that have fallen victim to this type of fraud.
Method

A company, often with multiple offices, is targeted by a fraudster who purports to be the CEO of the company and often claims to be based in another country. The fraudster contacts a finance officer requesting payments to be made into bank accounts under the pretence of a highly sensitive acquisition, merger or property purchase.
Initial contact appears to primarily be made via email from an address similar to the one the CEO would use, although the suspect will telephone to complete the fraud if required. In addition, the fraudster may also introduce a second fraudster, who poses as a lawyer or regulator.

With a strong social engineering element, the fraudster often requests that they, as the CEO, are not contacted further by the financial officer as they are busy. Alternatively the fraudster may picks occasions when the real CEO is on holiday, therefore preventing the officer from checking the validity of the request.
Prevention Advice

• Review internal procedures regarding how transactions are requested and approved, especially those in relation to verification.
• Check email addresses and telephone numbers when transactions are requested. If in doubt request clarification from an alternatively sourced email address/phone number.
• Don’t be afraid to question details when being tasked to transfer money at short notice.