Spot red flags to avoid becoming a CEO fraud victim

Two top-level executives of a European movie chain, both the Managing Director and the CFO, were fired recently after it became clear that they had fallen for a massive CEO Fraud attack. This could have been prevented if only they had spotted the red flags.

A recent court decision in Amsterdam, the Netherlands, revealed the details of how this scam went down and what errors were made along the way.

On Thursday, March 8th, the MD of a Dutch movie chain gets an email from the CEO of their holding company: “Did KPMG already call you?” The email was sent from a smartphone. The MD forwards the email to the CFO, but both are puzzled. They decide to email back and ask what the issue is.

The answer is a classic CEO Fraud tactic: “We are in a confidential M&A process with a foreign company in Dubai, and any communications can only be done using the personal email address of the CEO. Please transfer the first 900K and this money will be transferred back to you at the end of the month.”

An email thread ensues in which the MD wants to make sure that the transaction is legit. “No worries,” confirms the holding company CEO, “please transfer the first 10% of the acquisition.”

Transferring the money

On Tuesday, March 13, the second transfer is made: 2.5 million. The two execs wonder what is going on but decide to comply with the CEO’s orders. More transfer requests follow, for higher amounts. On Tuesday, March 27th, the “last payment” is made. A total of 21 million dollars has been transferred over roughly two weeks, and they are assured: “Yes, we’ll now transfer this money back right away.” That was the last thing they heard.

Finally, HQ wakes up, grabs the phone, and asks about the transfers: “What is going on? What was the money used for?” The penny drops. The two execs have fallen for a CEO Fraud scam and are immediately put on administrative leave, and later fired.

The CFO went to court and contested being fired. He claims he was just following orders and cannot be blamed for this disaster. However, HQ feels he should have spotted the red flags and never transferred the money in the first place.

The court digs into the matter and concludes that the movie chain has become the victim of a sophisticated gang of cyber criminals. The CFO cannot go back to the office; there are too many trust issues at this point. He is getting a few more months’ pay and will be cut loose on December 1st. There is no word on whether any money has been recovered, but if claw-back requests are not filed within 24 hours, the chances of getting it back are slim.

This could have been avoided

High-risk employees need to be stepped through new-school security awareness training that takes scenarios like this one, runs automated simulated attacks, and combines them with immediate remedial training to inoculate employees against sophisticated scams like this.

Apparently Pathé did not train these executives at all, or if they did, it was very badly executed. We strongly urge you to prevent disasters like this and create your own strong human firewall that will spot and block attempts like this. KnowBe4 enables your employees to make smarter security decisions.

Cyber Safety Net is a KnowBe4 partner. Reposted with permission from https://blog.knowbe4.com/heads-up-fired-two-c-level-execs-who-fall-victim-to-a-massive-21-million-dollar-ceo-fraud. Cyber Safety Net – keeping you safe online. See https://cybersafetynet.net/cyber-security-awareness-training/ to train and strengthen your human firewall. See https://youtu.be/UFpFesrcnvY and https://www.knowbe4.com/security-awareness-training-features/ to learn more.