CEO Email Fraud: AUDIT4MAIL helps you highlight information.
Transfer order scams have caused over $2.3 billion in damage since 2013 and claimed victims in every U.S. state and in at least 79 countries (figures); at least 17,642 victims (mainly companies) have suffered their disastrous consequences. Some have lost all, or at least part, of their cash flow, and in serious cases the fraud ended in the winding-up of the company.
A wire transfer is a financial transaction from one account to another. Once a wire transfer order is accepted by the banking system, it cannot be canceled: it’s irrevocable.
The scam consists of getting a company employee to execute a transfer order for a seemingly good cause when, in reality, it is all for the benefit of a crook. There are two ways scammers can get in touch with your company: by phone and by email.
By providing the means to conduct a careful analysis of email data, AUDIT4MAIL helps companies avoid getting duped by these clever con artists.
Listed below are the variations these types of scams can take (this list is not exhaustive), how to protect yourself from them, and how AUDIT4MAIL can help you:
The “fake president” scam
In this scenario, a scammer poses as a company executive and tries to convince one of your employees, by email, to perform an urgent and confidential transfer to an account (often based abroad). To do this, the scammer simply uses information about the company and its leaders, either gathered from the internet or culled from previous telephone conversations with the company.
How to protect yourself:
• Verify the identity of the caller by contacting him again, this time using safe, common details (e.g. those from the corporate directory and not those supplied by the caller), or simply by consulting the “My timeline” interface on AUDIT4MAIL—you won’t regret it.
• Check the email address: Sometimes scammers use addresses that closely resemble the real thing.
For example, they’ll use firstname.lastname@example.org instead of email@example.com. AUDIT4MAIL gives you an at-a-glance indication of whether your contact truly is your daily operations partner.
AUDIT4MAIL will automatically distinguish between the two emails by comparing email addresses. You can therefore avoid fraud—and then notify the authorities!
The internal emails (in green) in normal interactions:
The email address of the person trying to steal an identity (in blue):
• Notify your superiors: a well-intentioned person would not ask you to hide information from your managers.
• Respect the separation of powers:
- If you possess the rights to make significant payments alone, you are at risk. Talk to your manager about this (no one should hold all three powers: transfer, entry, and validation for payment).
- The means of authentication and signatures are personal: never entrust them to a colleague, and refuse if a colleague shares theirs with you.
- The separation of roles doesn’t only protect the company, it also protects you.
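One way to automate the "check the email address" step above, as an added example (it is not AUDIT4MAIL's code or method): the contact list, the `classify_sender` name and the 0.8 similarity threshold are assumptions, and the sample addresses are constructed.

```python
from difflib import SequenceMatcher

# Constructed sample data: addresses seen in normal correspondence.
KNOWN_CONTACTS = (
    "jane.doe@example.com",
    "accounts@supplier.example",
)


def split_address(address):
    """Return (local part, domain), lower-cased; reject malformed input."""
    local, sep, domain = address.strip().lower().rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"not an email address: {address!r}")
    return local, domain


def classify_sender(address, known=KNOWN_CONTACTS, threshold=0.8):
    """Classify a sender as 'known', 'lookalike' or 'unknown'."""
    local, domain = split_address(address)
    contacts = [split_address(c) for c in known]
    if (local, domain) in contacts:
        return "known"
    for known_local, known_domain in contacts:
        if domain == known_domain:
            continue  # same organisation, just a mailbox not seen before
        # Same mailbox name on another domain (.org instead of .com).
        if local == known_local:
            return "lookalike"
        # Domain that differs by a character or two from a trusted one.
        if SequenceMatcher(None, domain, known_domain).ratio() >= threshold:
            return "lookalike"
    return "unknown"


if __name__ == "__main__":
    for sender in ("jane.doe@example.com", "jane.doe@example.org",
                   "billing@examp1e.com", "news@unrelated.test"):
        print(f"{sender:28} {classify_sender(sender)}")
```

A "lookalike" result is a prompt for the call-back verification described above, not proof of fraud: a generic mailbox name such as `accounts` on an unrelated domain is flagged too.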
The “bank details” scam
A scammer leads one to believe there has been a change of bank details of a lessor, a vendor, or any other creditor of the company, for the next rent payment (or any other type of bill). This may seem like a normal pattern in business activity, possibly due to a management consolidation at a group level, a new bank, etc. The scammer then sends back the new bank details by e-mail, the message possessing characteristics very similar to those from the usual contact (e-mail, mail header, etc.).
How to protect yourself:
• Verify the identity of the caller by contacting them again using safe, common details (e.g. those in the corporate directory and not those provided by the caller) during any details change request (email, telephone number, etc.) or when providing new bank account details. Be sure to check AUDIT4MAIL’s “Account panorama” interface in order to verify the caller’s email. And while you’re at it, consider contacting another person from the company to validate the information.
• Use 2 channels for accounts residing abroad (for example, verify identity by both email and telephone number).
• Be suspicious if the new account is located abroad.
The ISO country code is found in the first 2 letters of the IBAN, and the 5th and 6th letters of the BIC.
• Cyprus: CY17002001280000001200527600 – BIC: ABKLCY2N
• US: US7630046001290029721519546 – BIC: ABCDUS1N
• FR: FR7630046001290029721519546 – BIC: ABCDFR3N
• Cover your customers’ and suppliers’ bases against computer intrusions.
• Write to your customers to educate them about the proper protocol and encourage them to follow the rules.
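The country-code check described above, applied to a bank-details change request, as an added example (not part of AUDIT4MAIL): the function names and reason codes are assumptions, the sample IBAN/BIC values are the ones quoted on this page, and only the country positions are checked, not the IBAN checksum.

```python
import re

IBAN_RE = re.compile(r"[A-Z]{2}[0-9]{2}[A-Z0-9]{1,30}")
BIC_RE = re.compile(r"[A-Z]{4}[A-Z]{2}[A-Z0-9]{2}(?:[A-Z0-9]{3})?")


def iban_country(iban):
    """ISO country code: the first 2 letters of the IBAN."""
    compact = re.sub(r"\s", "", iban).upper()
    if not IBAN_RE.fullmatch(compact):
        raise ValueError(f"malformed IBAN: {iban!r}")
    return compact[:2]


def bic_country(bic):
    """ISO country code: the 5th and 6th letters of the BIC."""
    compact = bic.strip().upper()
    if not BIC_RE.fullmatch(compact):
        raise ValueError(f"malformed BIC: {bic!r}")
    return compact[4:6]


def review_change(new_iban, new_bic, on_file_iban, home_country):
    """Return the reasons a bank-details change needs a call-back."""
    reasons = []
    new_country = iban_country(new_iban)
    if bic_country(new_bic) != new_country:
        reasons.append("IBAN_BIC_COUNTRY_MISMATCH")
    if new_country != iban_country(on_file_iban):
        reasons.append("COUNTRY_CHANGED")
    if new_country != home_country.upper():
        reasons.append("ACCOUNT_ABROAD")
    return reasons


if __name__ == "__main__":
    # A French supplier suddenly asks to be paid on a Cyprus account.
    print(review_change("CY17002001280000001200527600", "ABKLCY2N",
                        "FR7630046001290029721519546", "FR"))
```

An empty list means the country codes raise no flag; the change request still goes through the call-back on known contact details.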
The “computer” scam
In this scenario, the scammer poses as a technician from the targeted company’s bank’s connectivity service and tries to convince the employee to execute “transfer tests.” They may also impersonate one of the company’s IT service providers and request the installation of software with the secret intent of recovering security information or hacking the company’s computer network.
How to protect yourself:
• Contact your bank’s business manager using the usual contact information in order to verify the identity of any person claiming to be part of their team.
• Refuse remote logins on your PC from any person whose identity is unverified: do not go to a suspect Internet address, do not click on suspicious links, etc.
• Do not perform tests requested by a technician: Do not add third-party accounts and do not commit to transactions or discounts. Never do a transfer test with a higher value than $1, even if it comes from your initiative.
• Never share personal codes with anyone (e.g. numbers generated by your wireless reader, passwords, PIN codes, etc.).
• Protect both your computer network and your PC against intrusions and malware.
In case of fraudulent transfer or suspicion:
1- Warn your hierarchy
2- Contact your bank
3- Contact the police
How Audit4mail can help:
AUDIT4MAIL helps you distinguish your employees’ and partners’ emails from those of scammers via a quick-and-easy interface.
AUDIT4MAIL is a “Messaging Intelligence” tool that analyzes email flow and statistics to be more efficient and have a thorough knowledge of the company’s relations with its customers. The idea is to use the internal network to obtain the maximum information on a prospection target, either by analyzing who is the key person in their organization, or what interactions have already taken place between the two companies, etc. Meet Morgan Clement, CEO of MOVE4IDEAS, presenting his company.
Who are the founders?
The creation of Move4Ideas was decided by a lake during the exhibition IBM Connect 2012. It’s the result of the collaboration of three experts from IBM: Jérôme Deniau, CTO, Patrice Villemagne, marketing manager, Fabien Clement, R & D manager from Thomson Video Network and myself, Morgan Clement, CEO. Since then, the team has grown and the product has evolved, from mail server monitoring to Messaging Intelligence.
Where did the idea come from? What was the initial observation?
As often, the idea was born from an internal need. We were constantly asking each other if such a project was followed, if so and so had information on a targeted lead. We use a CRM but we are like everyone else: either through laziness or lack of time, not all the contacts are entered, and not everyone has access to the CRM anyway. We needed to at least be able to map the connections between internal and external contacts. And the analysis of email flow data is the best way to visualize this internal “LinkedIn”.
Can you introduce your tool?
AUDIT4MAIL is a Messaging Intelligence tool. It’s a concrete example of implementation of Big Data and, as data source, we chose the email stream of the company. Please note this is not an espionage tool for employees; personal relationships are excluded from analysis.
A company of 10,000 people sends and receives at the very least 500,000 emails per day, so imagine the knowledge transiting these flows. AUDIT4MAIL is a valuable aid to sales forces to reduce the sales cycle, improving upstream knowledge of new canvassing targets in a B2B relationship. The main idea is to use the internal network to obtain the maximum information on the prospection target. Has there been contact with the target, who are the key people internally and especially at the target?
Audit4Mail also brings new forms of team coaching to increase the sellers’ productivity. The use by the sales force is only one part of AUDIT4MAIL’s opportunities. We have IT and team management and we are also working on new modules for HR and safety. Our main focus in 2016 will be on the fight against CEO fraud, potentially with the filing of a patent.
Who are your main competitors at present on your market?
In the market of Messaging Intelligence, still very recent, there has already been a wave of acquisitions of competitors by big players, for example the acquisition of SalesforceIQ for 300 million dollars by SalesForce in 2015 or Olometrics by Microsoft. We have a bottom-up approach: by listening to our existing customers we develop new targeted services.
What is your Business model?
Our billing method is by mailbox, i.e. the number of messaging users in the company.
In 2015, CIC and Bpifrance trusted us with 130,000 euros to finalize the developments. In 2016, we seek 300,000 euros to accelerate our international expansion.
What other tools do you use every day?
The CRM of the company B2O, in which we were able to integrate our solution quickly.
A coupon code for the Maddyness readers?
We offer a 30-day trial to the Maddyness readers and a 5% discount with the code MADDYNESS when purchasing Audit4Mail.
See the original Maddyness article here (French).