Fintech CEO Fraud Attempt (LIVE RECORDING)
CEO Fraud Caught in the Act
CEO Fraud Caught in the Act
Ever hear of CEO fraud?
“CEO Fraud is a scam in which cybercriminals spoof company email accounts and impersonate executives to try and fool an employee in accounting or HR into executing unauthorized wire transfers or sending out confidential tax information.”
November 15, 2017, 9:00 a.m. A regular Wednesday morning at BELLIN Treasury Services in Vancouver – until the office receives an unexpected call by a man identifying himself as BELLIN CEO, Martin Bellin. The caller’s tone and demeanor suggest urgency when he asks the receptionist – a new hire, who has never actually spoken to the company’s CEO before – to put him through to Accounts Payable. The employee in charge of that department has been with BELLIN for many years and the voice on the other end of the line is giving her the chills.
Instantaneously, she is aware that the caller with the deep voice and the thick eastern European accent who claims to be sick with the flu is not her CEO – but an impostor, a criminal out to defraud the company. Despite her alarm she keeps her cool and, accompanied by the appropriate gestures, passes the phone to BTS’s Managing Director Rick Beecroft who quickly surmises the situation: before seizing the phone and putting it on speaker, he motions towards another teammate to record the conversation about to take place:
Recording of the CEO fraud attempt
Caller: Yes, hello, this is Martin Bellin speaking, how are you today?
Beecroft: Oh, I’m fine, good to hear from you.
Caller: Ah, I’m not so good. I caught the seasonal flu and got a body temperature of around 37.5 which is melting me and I’m heading to … (rest of sentence incomprehensible)
Beecroft: Sorry, I missed a bit of what you said.
Caller: (louder and seemingly aggravated) I said I caught this seasonal flu and I got this body temperature so I’m heading to my private doctor.
Beecroft: Ok, sorry to hear that.
Caller: No problem, it’s not a big deal. I can handle it. Yourself?
Beecroft: You know, doing ok. Working hard.
Caller: Uh huh … I spoke with Sybille and I explained to her a couple of things, uh, we need help from our US office.
Beecroft: OK… in regard to what?
Caller: It’s regarding an invoice payment that needs to be handled immediately. Can you handle a wire with the value date of today?
Beecroft: Yeah, we can get a wire out today. What’s the amount?
Caller: The amount is 127.500 dollars even.
Beecroft: 127.500, ok … and who’s the beneficiary?
Caller: Uh … I’m driving at the moment, but I will send you an email from my Gmail account.
Beecroft: Mhm, ok.
Rick Beecroft never received that email. Perhaps Rick Beecroft’s cool and calm demeanor made the caller suspect that the BTS’ Managing Director had actually outsmarted him. Still– the story proves that no one is immune from fraud. This type of cyber-attack – part so-called Vishing, part CEO Fraud – is rampant and still on the rise. According to the US technology company Cisco Systems, criminals have scammed 5.3 billion dollars between 2013 and 2016 alone with these types of fake president schemes. Companies need to act fast and prioritize educating their staff in fraud prevention. Because, as the above example proves, it’s their aware and alert employees who might eventually be the first line of defense in saving company funds from fraud. Overall, BTS felt that their internal systems worked fine. Since Four-eyes rules are in place, a payment with such an amount and urgency throws many red flags. The event was still discussed internally and will be used for training for years to come.
Preventing CEO fraud
What can you do right now? Be sure to share this article with your team and to download our cyber fraud whitepaper, written by BELLIN tm5 user Royston Da Costa, Assistant Group Treasurer from Ferguson plc, which outlines the risks treasurers are faced with and how they can fraud-proof their business.
The latest FBI data draws on fraud reports submitted by victims around the world from October 2013 to May 2018. In that time frame, the FBI counts 41,058 total U.S. victims who collectively lost at least $2.9 billion. Additionally, known worldwide losses to BEC scams hit $12.5 billion, while the total number of known victims reached 78,617.
The white paper covers the different forms of cyber fraud, prevention strategies and workflows, and how to deal with cyber fraud after it occurs.
Right when we were about to publish this blog post, the Director of our London office, the BELLIN Treasury Alliance, received the following mail from another Martin Bellin-impostor with a questionable Email address:
From: Martin Bellin [mailto:email@example.com]
Sent: 20 December 2017 10:02
To: Lena Pennington
Subject: Consulting expense.
Are you available to process an outgoing payment today? Let me know and I will send you the payment details as soon as I receive it from the consultant shortly.
Let’s get in touch!
Interested in learning more about our solutions? That’s great.
Because we’d like to learn more about you. So give us a shout.