Would your boss e-mail you to pur­chase gift cards? It may be a fraud!

Asian Journal - - WORLD -

A cler­i­cal em­ployee of a govern­ment agency in North Van­cou­ver as­sumed the e-mail in­struc­tion re­quest from her su­per­vi­sor to be cred­i­ble when he asked her to go out and pur­chase $500 in itunes cards. In the e-mail the su­per­vi­sor claimed he was in a lengthy meet­ing, too busy to do this him­self, and for her to for­ward the itunes card de­tails back to him. The vic­tim be­came sus­pi­cious when that trans­ac­tion was suc­cess­fully com­pleted and then she re­ceived a sec­ond re­quest for an­other $500 as the need was ur­gent! Un­for­tu­nately, the in­ci­dent, which oc­curred on Septem­ber 15, 2018, was a scam, known as a CEO Scam.

In a typ­i­cal CEO Scam” fraud­sters gain ac­cess to the e-mail ac­count of an ex­ec­u­tive or su­per­vi­sor and target em­ploy­ees who have the au­thor­ity to ac­cess and move money. Fraud­sters send re­al­is­tic-look­ing e-mails, re­quest­ing ur­gent wire trans­fers or gift card pur­chases for what ap­pear to be le­git­i­mate busi­ness or per­sonal rea­sons, such as se­cur­ing an im­por­tant con­tract”, or a con­fi­den­tial trans­ac­tion. They of­ten send the tar­geted fraud­u­lent e-mail when ex­ec­u­tives are trav­el­ling (ac­cess­ing pub­lic Wi-fi) or are oth­er­wise dif­fi­cult to reach.

Be­liev­ing that the re­quest is real, the em­ployee trans­fers the money— only to find out upon the boss’s re­turn or through other cor­re­spon­dence that the e-mail was a scam and the money is gone.

Losses to this type of scam can range from hun­dreds to tens of thou­sands of dollars. The fake CEO Scam is a grow­ing threat to busi­nesses and or­ga­ni­za­tions of all sizes. Here are tips to pro­tect your­self and your busi­ness:

• En­sure your com­puter sys­tems are se­cure, keep an­tivirus soft­ware up to date, and en­cour­age all em­ploy­ees to use strong pass­words to pro­tect their email accounts from hack­ers.

• Take a care­ful look at the sen­der’s e-mail ad­dress. It may be very sim­i­lar to the real one, with only one or two let­ters be­ing dif­fer­ent. • Dou­ble-check with ex­ec­u­tives when they send wire trans­fer re­quests by e-mail, even when they look le­git­i­mate. Don’t use the contact in­for­ma­tion pro­vided in the mes­sage and don’t re­ply to the e-mail.

• Establish a stan­dard process that re­quires mul­ti­ple ap­provals for money trans­fers.

• Limit the amount of em­ployee in­for­ma­tion avail­able on­line and on so­cial me­dia. Fraud­sters use it to find po­ten­tial vic­tims and time their tar­geted fraud.

Newspapers in English

Newspapers from Canada

© PressReader. All rights reserved.