Spambrella has the detection and protection required for organisations to protect themselves from the ever increasing threat of CEO fraud using anti-spoofing features. Spambrella will quarantine emails suspected of being an imposter threat and will allow your administrators to release those suspect emails. Alerts are sent to admins as per your preference in order to manage this process effectively.
How does a CEO Fraud scam work?
CEO fraud will typically start with an email being sent from a fraudster to a member of staff in a company’s finance department. The member of staff will be told by the fraudster who is purporting to be a company director or CEO that they need to quickly transfer money to a certain bank account for a specific reason. The member of staff will do as their boss has instructed, only to find that they have sent money to a fraudster’s bank account. The fraudster will normally redistribute this money into other mule accounts and then close down the bank account to make it untraceable.
Out of the £32 million reported to be lost by businesses to CEO fraud only £1 million has been able to be recovered by the victims (UK Statistics). This is due to businesses taking too long to discover that they have been the victim of fraud and the lost money already being moved by fraudsters into mule accounts.
Most businesses reported initially being contacted via emails with gmail.com and yahoo.com suffixes although this has of course broadened to include domains similar to those used by the organization for targeted attacks.
What is Email Spoofing?
Email spoofing is the creation of email messages with a forged sender address for the purpose of fooling the recipient into providing money or sensitive information. For example, a sender 401k_services@yourbusiness.com sends a message to your organization email address stating that you have X days to log into your account to take advantage of new stock investments. The message uses your company’s letterhead, looks as legitimate as the 401k notices you’ve received before, and has a login link.
What is it costing companies?
In August 2015, the FBI issued a public notice indicating that Business Email Compromise (BEC) is estimated to have cost companies over $1.2 billion between October 2013 and August 2015. Spoofing is one of many forms of BEC.
Spoofing attacks became very noticeable in mid-late 2015 and more prevalent in early 2016. The attacks are sophisticated and will not be detected by the majority of today’s email security providers. Business email compromise or CEO fraud is the fastest-growing threat in modern email exploitation.
How do you stop these Spoof attacks?
When using Spambrella these messages can be quarantined for further review and released if appropriate. Spambrella users can also create exceptions in order to allow the delivery of emails from approved senders, such as an externally delivered marketing communication.