CEO Fraud is a clever attack where impostors either act under CEO identities or earn the trust of high-profile users for financial gain.
In a majority of cases, CEO fraud occurs with attackers phishing an executive and securing access to his/her email, or emailing company employees from a fraudulent domain name that’s very close to the company’s domain. (Most often a character or letter is off by one or two). Usually the criminal has used social engineering tactics to understand the business structure of an organization and coerced the exec or employee into a financial transfer.
CEO fraud is a sophisticated scam from both technological and social angles. A trusted contact doesn’t raise concerns that tell us to be cautious, as these kinds of messages “feel normal.” Attackers rely on this misplaced trust, constructing messages with genuine visual elements and personalized messages, making these exploits remarkably effective and dangerous.
Attackers may compromise a CEO account and reveal damaging information. This event not only tarnishes reputation, it innately comes with financial damage. In cases where a CEO falls victim to a fraudulent communication, either disclosing proprietary information,, or transferring money to an attacker, the results will be catastrophic.
Unlike most anti-phishing software, INKY doesn’t rely on examining URLs and sender addresses to stop phishing emails. INKY’s brand forgery detection software uses Computer Vision to detect company logos and determine who the email pretends to originate from.
INKY’s true machine learning develops behavior profiles and social graphs that identify suspicious behavior or identities. When INKY sees an email from a sender that doesn’t match a known profile, it sends an impersonation warning.
Whether you’re an Outlook traditionalist, or experimenting with the latest mobile email solutions, INKY integrates into almost any email solution. With a single click, your users can react to the warning banner right in the body of the email. This unique ease of use banner is one of our clients’ favorite features.
A unique feature is the ability to click a “Report this Email” link in every email, which means users can report spam, phish, and other problematic email from any device – web, phone, any email client, with no special software. Most email protection software only has the capability to work from an installed instance.
In this report, we break down some of the critical phishing attack statistics for 2019 by aggregating information from the UK, US, Japanese, and Australian governments, tech publications and Accenture’s 2019 cost of cybercrime report.Download Report