The number of “Business Email Compromise” (BEC) incidents, also known as “CEO fraud” scams, is on the rise. The scam is simple: cyber thieves use sophisticated social engineering to trick business professionals or executives into wiring funds to fraudulent overseas accounts.

And the impact of CEO fraud is significant. Technology company Ubiquiti Networks, for example, was swindled out of almost $47 million. Since the FBI’s Internet Crime Complaint Center (IC3) began tracking BEC scams in late 2013, it has compiled statistics on more than 7,000 U.S. companies that have been victimized, with total losses exceeding $740 million. And that doesn’t include victims outside the U.S., or corporate losses that went unreported.

CEO fraud has proven surprisingly successful, and as a result the number of attacks is growing. According to IC3, there has been a 270% increase in identified BEC victims since 2015, and victimized organizations reside in all 50 U.S. states and nearly 80 countries abroad. In fact, even Centrify was a target of a CEO fraud scam.

Beware the Signs of CEO Fraud

CEO fraud typically begins with scammers either phishing an executive and gaining access to his or her mailbox, or emailing employees from a domain name that is very similar to the target’s own (off by one or two characters). The thieves have usually taken the time to understand the target organization’s management structure, so that finance staff can be duped into initiating transfers without going through the proper approval process.

For example, a controller or accounting manager is notified by email that the CEO wants a money transfer for what appears to be a valid business reason. They follow directions, thinking the CEO initiated the request, and don’t realize they are sending money to cyber thieves.

Another technique is to pose as the CEO and tell the CFO (or someone else in accounting) that the transfer is part of a “secret project” that can’t be discussed with anyone else at the company. These phony emails typically also stress the urgency of completing the wire transfer as quickly as possible.

Scamming methods are also becoming increasingly sophisticated. According to FBI agents, these thieves know how to pull off the crime without raising suspicion: they use language specific to the targeted company, along with dollar amounts that don’t raise eyebrows. As FBI Special Agent Maxwell Marker says in an online article, “The days of these e-mails having horrible grammar and being easily identified are largely behind us.”

To make matters worse, the criminals often use malware to infiltrate company networks. This gives them access to legitimate e-mail threads about billing and invoices, which makes the transfer request appear more credible. Instead of a payment going to a trusted supplier, the scammers direct it to their own accounts, sometimes by changing a single digit of the supplier’s bank account number. Cyber criminals, who have the resources to research and target hundreds of companies, work on the law of averages: a 1% response on millions of phishing emails qualifies as success.

Protect Against the Risks by Implementing Best Practices

Preventing CEO fraud means taking preventive measures. What follows is a series of best practices for protecting your organization.

Educate executives and your finance team about CEO fraud, and implement training programs around privacy and security. Employees must be vigilant about responding to requests for money transfers or confidential information.
Require proper documentation and approvals for all wire transfers. Develop a manageable process that ensures all approvals are in place before a wire transfer is initiated.
For large wire transfers, require verbal confirmation, using a phone number already on file for the requester rather than one supplied in the email.
Ensure that every wire transfer is tied to an actual purchase order in your accounting system. This helps validate all transfers.
Add multi-factor authentication (MFA) to all key applications, especially your financial applications, so users must confirm their identity when initiating a wire transfer.
Use strong authentication factors such as mobile fingerprints, mobile push notifications, smart cards, one-time password (OTP) tokens, digital certificates and biometrics. With so many credentials already exposed, password-only security is no longer effective. MFA, which requires more than one method of identification, is one of the best ways to keep a phished password from becoming the compromised executive mailbox that CEO fraud often starts with.
Layer on other identity controls, such as privileged session monitoring for systems containing sensitive or confidential information. This lets you proactively identify insider threats, simplifies forensic investigations, and helps protect the organization when employee credentials have been compromised.
Purchase domain names (ask your marketing department or IT group) that are variations of your organization’s name. Note that DNS is case-insensitive, so a capital “I” is no different from a lower-case “i”; the substitutions to worry about are characters that look alike in a mail client, such as a lower-case “l” swapped for an “i” or a “1”, an “o” for a “0”, or an “E” for a “3”, along with a hyphen added or removed. Register the variants closest to your own name.
The FBI recommends that security teams create system rules that flag e-mails from domains that are similar to the company’s. For example, if your domain is abc-company.com, the system would flag a similar-looking, fraudulent e-mail from abccompany.com (the FBI’s own example uses abc_company.com, but registrars do not accept underscores in domain names, so the hyphenated form is the realistic one).
Advise administrative staff not to reveal the CEO’s location or travel schedule, since a scammer who knows the CEO is travelling and hard to reach can use that to make an urgent request more convincing.

CEO fraud is a rapidly growing problem that affects companies of all sizes, in all regions of the world. Scammers have been particularly successful at companies with rigid management cultures that also lack sufficient checks and balances in the accounting department. Implementing these best practices can help keep your organization from becoming the next CEO fraud headline.

For more information, read about Centrify’s first-hand encounter with CEO fraud. You can also download the CEO Fraud Prevention Solutions Brief as a primer for preventing CEO fraud.
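The two best practices above about lookalike domains, registering the near-miss variants of your own name and flagging inbound mail from domains that resemble it, come down to the same string comparison. The following is an added example written for this page (it is not Centrify’s or the FBI’s code): lookalike_variants() enumerates the single-edit and confusable-character variants of a domain, which is the list to consider registering defensively, and flag_sender() reports when a sender’s domain is a near-miss of a domain you own. The confusable-character table, the edit-distance thresholds and the sample addresses (abccompany.com and the senders in the demo) are assumptions and constructed data, not real mail.

```python
"""Lookalike-domain checks for the "off by one or two characters" trick.
Added example for this page; the confusable table and the thresholds are
assumptions, tune them to your own domain names."""
import re

# Characters attackers swap because they look alike in common fonts.
# DNS is case-insensitive, so "i" versus "I" is NOT a usable swap; the
# pairs that matter are l/1/i, o/0, e/3, a/4, s/5 and rn/m, vv/w.
SINGLE_GLYPHS = {"l": "1i", "i": "1l", "1": "li", "o": "0", "0": "o",
                 "e": "3", "3": "e", "a": "4", "4": "a", "s": "5", "5": "s"}
PAIR_GLYPHS = (("rn", "m"), ("m", "rn"), ("vv", "w"), ("w", "vv"))
LABEL_RE = re.compile(r"[a-z0-9]([a-z0-9-]*[a-z0-9])?")


def split_domain(domain):
    """'abc-company.com' -> ('abc-company', 'com'). Multi-label public
    suffixes such as .co.uk are not handled here; adapt for your names."""
    name, _, tld = domain.lower().rstrip(".").rpartition(".")
    return name, tld


def canonical(name):
    """Collapse confusable characters and punctuation so that visually
    identical names compare equal: 'abc-c0rnpany' -> 'abccompany'."""
    for src, dst in (("rn", "m"), ("vv", "w")):
        name = name.replace(src, dst)
    table = str.maketrans({"1": "l", "i": "l", "0": "o", "3": "e",
                           "4": "a", "5": "s", "-": None, "_": None})
    return name.translate(table)


def edit_distance(a, b):
    """Optimal string alignment distance: insert, delete, substitute and
    swap of two adjacent characters each cost 1 (a swap is one typo)."""
    d = [[i] + [0] * len(b) for i in range(len(a) + 1)]
    d[0] = list(range(len(b) + 1))
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]


def lookalike_variants(domain):
    """Domains one edit or one confusable swap away from `domain`."""
    name, tld = split_domain(domain)
    out = set()
    for i in range(len(name)):
        out.add(name[:i] + name[i + 1:])                 # drop a character
        out.add(name[:i + 1] + name[i] + name[i + 1:])   # double a character
        for sub in SINGLE_GLYPHS.get(name[i], ""):
            out.add(name[:i] + sub + name[i + 1:])       # confusable character
    for i in range(len(name) - 1):
        out.add(name[:i] + name[i + 1] + name[i] + name[i + 2:])  # swap pair
        out.add(name[:i + 1] + "-" + name[i + 1:])       # insert a hyphen
    for src, dst in PAIR_GLYPHS:
        start = name.find(src)
        while start != -1:                               # rn<->m, vv<->w
            out.add(name[:start] + dst + name[start + len(src):])
            start = name.find(src, start + 1)
    out.add(name.replace("-", ""))                       # drop hyphens
    out.discard(name)
    return sorted(v + "." + tld for v in out if LABEL_RE.fullmatch(v))


def flag_sender(address, protected_domains):
    """None for an exact match with (or no resemblance to) a protected
    domain; otherwise a dict saying why the sender looks like one of them.
    Run it on both the From: and Reply-To: domains of inbound mail."""
    _, at, domain = address.rpartition("@")
    if not at:
        return {"kind": "malformed", "protected": None, "distance": None}
    domain = domain.lower().rstrip(".")
    protected = [p.lower() for p in protected_domains]
    if domain in protected:
        return None
    s_name, s_tld = split_domain(domain)
    for good in protected:
        g_name, g_tld = split_domain(good)
        if canonical(s_name) == canonical(g_name):
            kind = "confusable" if s_tld == g_tld else "other_tld"
            return {"kind": kind, "protected": good, "distance": 0}
        # Assumed thresholds: one typo for short names, two for long ones.
        # Very short names will false-positive; tune per protected domain.
        dist = edit_distance(canonical(s_name), canonical(g_name))
        if dist <= (1 if len(g_name) < 8 else 2):
            return {"kind": "typo", "protected": good, "distance": dist}
    return None


if __name__ == "__main__":
    protected = ["abccompany.com"]                       # your own domain(s)
    samples = ["ceo@abccompany.com", "ceo@abc-company.com",   # constructed
               "ceo@abccornpany.com", "ceo@abccompany.co",
               "ceo@abccompnay.com", "ap@supplier.example"]
    for addr in samples:
        print(f"{addr:24} -> {flag_sender(addr, protected)}")
    print("variants worth registering:", lookalike_variants("abccompany.com")[:8])
```

An exact match with a protected domain returns None because that is your own domain, not a lookalike; a forged From: header on your real domain is a different problem from the one the FBI rule above addresses. The "typo" branch compares canonical forms, so a single typo combined with a confusable swap is still caught, at the price of occasional false positives on very short names.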