Carl has the experience required to solve any IT queries & manage your IT infrastructure.
With over 20 years in the IT industry and a vast amount of experience.
CEO Phishing Attacks is not the most sophisticated method but it is still one that needs to be watched due to the damage it can bring.
We want to raise awareness of the increase in sophisticated Phishing Emails designed to look like it is from a legitimate source. As our clients ask us “What is CEO Phishing Attacks”. Our answer is better in the form of a blog post to raise awareness for all.
What is CEO Phishing Attacks?
CEO Phishing attacks often occur when a hacker infiltrates a companies Email system, gaining knowledge about the style of writing, personality type, and any factual information that can increase credibility.
Once the hackers feel they have enough information then they request money transfers.
Usually making it sound like a legitimate business deal through phishing and social engineering.
We have known an Email system to be infiltrated months beforehand and dig out old invoices that were sent to their clients.
They then proceed to recreate an invoice looking legitimate just changing the bank account receiving the funds.
The wire transfer is often transferred again to a foreign bank account, this makes it very difficult to trace and often leads to a loss.
Why are we talking about this?
Just recently we were called in to inspect the network of a new client, they had unfortunately been the victim of a phishing scam.
After analysis, it turned out they had Malware on their machines sending data back to a server located in China (identified by the IP address).
When we looked into what had happened an employee had received a document, and when they tried to open it nothing happened instead of raising the alarm they carried on with their day.
We found a copy of the Email received and it was dated 16th July 2018, so they had access for a ridiculous amount of time before they lost enough money to raise the alarm. Why did it take so long?
The hackers were clever and what they were doing was intercepting traffic, on a daily basis to learn about how they dealt with their invoices, and when some of their clients owed money or was in the middle of a quote the hackers sent invoices for reasonable amounts, this was cleverly in the name of our client but with different bank details.
The amounts were not enough to raise an alarm over a nine-month period they were able to extract £64,730 out of our new client’s customers.
This is a nightmare for any company to deal with and can result in loss of trust, hefty debt to plug, and can result in going out of business.
Educating your staff is the best defence
Although Cyber Criminals may be going after the CEO it is important that all staff be educated. Usually, it is the lower-level staff that is fooled into believing they are communicating with the CEO.
We need to provide awareness to the staff by just educating them enough to double-check with a quick phone call if funds are requested to be transferred.
Other forms of defence
Keep your software regularly patched, make sure that you have adequate Security as hackers do not just attempt phishing attacks and they also will attempt to infect your systems with Malware.
Once infected they can see details of activities you do on your systems, access to business-critical files, and risk data leaks and enough information to either cause serious damage.
This could permanently damage your business or become experts at phishing your employees to put them at risk too.
An Antivirus or Firewalls will not be enough to defend against phishing attacks, we have to keep an eye on systems, run regular checks and keep on providing security awareness to ALL employees.
If you would like to learn more or are in need of support. Or would like to discuss working together, book an appointment or call 01423 423068
Interested and want to help smooth the process? Install our Onboarding tool. You can also try to reach us via our HubSpot Live Chat.
Schedule An Appointment
We would love to hear from you regarding any Outlook or Microsoft 365 Support, IT Support, Cyber Security, WordPress Website Design, or any Computer Support request you may have. Get the best out of Harrogate & Yorkshire IT Support.
Please note if you are a client and need to request IT Technical Support, please use ourClient Portal
Need a quick chat or request? Try our HubSpot Chat from this page. Alternatively, use our WhatsApp Chat
Book with us
REMOTE APPOINTMENTS NEED TO BE PAID FOR BEFORE WORK IS CARRIED OUT
Book A 15 Minute Video Call
20+ Years IT Experience
Business Phone Systems (VOIP)
Cyber Security Specialist
Experts in Outlook Support & Migrations
IT Support in Harrogate
Social Media Management
Website Hosting & SEO Management
“Extremely helpful and proficient technical support. Provided one-off troubleshooting when I required support to recover Outlook. Carl was knowledgeable, polite, and patient in resolving my issue Highly recommended.” – Pras Legal Corp.