So-called "CEO fraud" is a sophisticated e-mail scam in which the attacker spoofs a message from company management to deceive someone at the company into wiring funds to the fraudsters. In recent months it has hit the German MDAX company Leoni AG, with a loss of around 40 million euros.
Unlike traditional phishing scams, the spoofed e-mails used in "CEO fraud" schemes are usually based on more or less sophisticated "social engineering" by organized criminals, which enables them to understand the company's internal relationships, activities and interests, as well as its travel and purchasing plans.
It is worth noting that Leoni AG stated that "The criminal activities have not affected the IT infrastructure or data security." of the company. This means that the criminal activities against the company were based solely on sophisticated profiling and not on a hardware-intensive cyberattack against the company's IT infrastructure.
Such profiling cannot be countered by expensive technical solutions, as it targets the human factor in the company's organization. It can only be addressed by holistic sensitization of the management staff and constant surveillance of financial processes, within the framework of a comprehensive company policy regarding the non-disclosure of company information.
Similar cases this year, such as the Austrian FACC Operations GmbH (around 50 million euros lost) or the US-based Mattel Corp. (around 3 million US dollars, which were returned by fortunate coincidence), underlined this requirement, as no sophisticated software attack against the company network was needed to initiate the cash flow.
For more information about the issue please click on the links below:
Further Details of the Leoni AG Scam on knowbe4.com
Further Information about the FACC Operations GmbH Scam
Further Information about the Mattel Corp. Scam
Scam Awareness Flyer of the German Federal Crime Agency (BKA)