Size Doesn’t Matter When CEO Fraud Happens

CEO Fraud happens to small and medium sized businesses too

Lloyds Bank says CEO Fraud rose by 58% in the UK over the past year. although CEO Fraud is often associated with large firms, Lloyds’ results show the contrary: about half-a-million small and medium enterprises were victims. These smaller organizations lost an average of £27,000 each time they were hit with an impersonation scam.

The organizations most affected were, in order, law firms, human resources departments, IT workers, and financial firms. Lloyds thinks the actual rate of attack may be higher than what they reported. Their study is of course based on the self-reporting of victims, and Lloyds believes that as many as one in twenty victims conceals their mistake to avoid embarrassment in front of colleagues.

Scammers pretend to be suppliers

The scammers almost half the time represent themselves as the CEO or the equivalent of the organization, but that impersonation has been overtaken by fraudsters pretending to be suppliers. Some 52% of the scams represented themselves as requests from vendors.

We’ve mentioned before that small and medium businesses are attractive targets for CEO fraud. This survey, while confined to British organizations, is consistent with what other recent studies by Barracuda, Proofpoint, and the FBI have found elsewhere.

No organization too small

It’s also more evidence that there’s no safety in hiding in plain sight. No organization is too small to be worth some criminal’s time and attention. None is too big for some criminal to take on. And no organization is too small or too large to benefit from tailored, interactive security awareness training. Infosecurity Magazine has the story: https://www.infosecurity-magazine.com/news/bec-fraud-hits-500k-uk-smes/

—

Cyber Safety net is a KnowBe4 partner. Reposted with permission from https://blog.knowbe4.com/size-still-doesnt-matter-especially-when-it-comes-to-ceo-fraud. Cyber Safety Net – keeping you safe online. See https://cybersafetynet.net/cyber-security-awareness-training/ to train and strengthen your human firewall. See https://youtu.be/UFpFesrcnvY and https://www.knowbe4.com/security-awareness-training-features/ to learn more.

Tags: Cybersecurity