Better Business Bureau has been alerted by law enforcement
about a rise in CEO (Chief Executive Officer) impersonator scams targeting
While phishing scams aren’t new, this type of scam is
hitting businesses where it hurts – at their bottom line. By targeting front
line employees saying they are high-level executives, these scammers are gaining
access to company information and cash.
BBB was urged to get the word out, noting this scam isn’t
going away. “We ask that businesses make employees at all levels aware of this
scam because unfortunately we have already had reports of this scam with losses
in the thousands of dollars” Edward Fritz, Crime Prevention Supervisor at Boise
What does this scam look like? The scammer pretends to be
the CEO or CFO (Chief Financial Officer) to give the request legitimacy and
urgency. The request will often be for a large money transfer via wire, or gift
card purchases which are non-recoverable. Scammers often make their requests
more plausible using details they’ve dug up by researching the company or
Unfortunately, because the targeted employees are eager to help,
they often don’t hesitate to complete the task, either leaking important
information or spending big dollars on gift cards.
Better Business Bureau wants local businesses to prevent and
prepare for this scam with these tips:
Be wary of short, generic messages. Scammers won't write a long
email; they'll try to pass off something short and generic as harmless, hoping
you'll click quickly without thinking.
Double check before clicking or downloading. A mouse click is all
it takes to inadvertently grant access to your computer, accounts, and
information, or unleash malware on your systems.
Think about how you share. Never send sensitive, personal, or
proprietary information via email regardless of who's asking you for it.
Watch out for emails to groups. Sending an email "from the
CEO" to a staff or employee email list is the fastest way for a scammer to
attack and affect an entire business.
Set up processes. Make sure your company has a procedure for all
requests involving sensitive information or payments, and make sure that
procedure is followed. For particularly wide-reaching requests or large
payments, require employees to check with their manager first.