Your CFO – Prime Target for Cybercriminals

CFO Computer VirusIt should be no surprise that CFOs — the keepers of the purse strings — are the primary target for many types of cybercriminals. In fact, about 40 percent of all Business Email Compromise (BEC) scammers address their emails directly to CFOs. With increasingly sophisticated approaches, they can masquerade as the CEO or some other highly placed individual and request a transfer of funds into their own accounts. Even if the success rate isn’t very high, the profit on each successful one could be huge, since the CFO typically has such a high monetary signature authority. Any business should know more about this risk and strategies that can be used to prevent BEC losses.

The two basic approaches to BEC are spoofing an executive’s email or actually hacking into the account and sending a message directly from there. Spoofing may be easier to spot if something in the address or format isn’t quite perfect. For the hacking scenario, you have to know how the sender typically writes such an email to spot a fake. Either way, it is most often a high-level executive that the bogus email comes from, with studies showing that 63 percent of BECs use the email of the CEO, president or managing director to convince a CFO or other person in the Accounting department to transfer funds.

The BEC scammers may or may not need to use malware to pull off these crimes. Sometimes an employee can be convinced to transfer funds to an unauthorized account based only on the email content. It can work better in some scenarios, though, when malware such as a keylogger is used to capture specific content, including account numbers, passwords and transaction details to facilitate the transfer. A BEC scammer could even capture some specific details of the account history to relay in the message, thus raising the credibility. They sometimes even follow up with a phone call to the victim to help convince the person to do something he or she shouldn’t.

It should be noted that foreign suppliers are often used in these schemes, because it might be harder to spot something wrong in a message or account description when it is related to a foreign bank. A foreign company might also not be as knowledgeable on the other end in dealing with fraudulent wire transfer issues.

So how do companies protect against BECs? Employees can be reminded to scrutinize emails more closely, but a company could also have training specifically on this type of scam. Showing an example — especially if it involves their company or someone they know — will help get the employees’ attention. It can also work for a company’s IT department to run a test by sending out bogus emails and seeing what response it gets. An alert to the team saying what the outcome was will definitely heighten awareness. No one wants to be the employee who gets caught in that trap! Along with training, a company can also implement additional security measures for fund transfers, such as requiring a secondary sign-off or verification step for any changes in a vendor payment.

LAN Infotech is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks and news on email scams or any other IT topic. Contact us at (954) 717-1990 or send us an email at for more information.

Fort Lauderdale Computer Networks
Network Services in Fort Lauderdale
Network Consulting in Fort Lauderdale
Fort Lauderdale Data Backup
Data Security Fort Lauderdale
Client Feedback

“LAN Infotech has been an exceptional resource for our organization. They provide consistent knowledgeable network engineers, round the clock monitoring and are invaluable in our IT infrastructure decision-making process. Their level of customer service has been top-notch and exceeds our expectations – we look forward to a continued partnership with LAN Infotech.”

—Janice M. Pennington
Vice-President of Finance & Administration
National Multiple Sclerosis
Society South Florida Chapter
read more»

Featured IT Services Fort Lauderdale Articles

LAN Infotech Recognized as Leading Microsoft Marketing Partner Worldwide

The team of IT specialists from LAN Infotech are thrilled to announce that they have been recognized on Fifty-Five and Five’s Inbound Marketing Excellence Report as one of the top 250 Microsoft mark

Read more

Featured IT Services

IT Consulting Advice for Fort Lauderdale: Taking Care of Your Employees Is Taking Care of Your Business!

Quid Pro Quo An IT consulting firm in Fort Lauderdale will usually advise that you get what you give. This is the core principle which defines most working relationships. The employer gives the em

Read more

Featured IT Services

IT Services Business Advice: Do You Really Need a Management Consultant in Fort Lauderdale?

Eliminate the Middleman IT services in Fort Lauderdale need not cost an arm and a leg to provide services your own organization could source internally. You want a consultation agency willing to he

Read more

Featured IT Services