"Hello, this is Martin Bellin Speaking…"
CEO Fraud Caught in the Act
November 15, 2017, 9:00 a.m. A regular Wednesday morning at BELLIN Treasury Services in Vancouver - until the office receives an unexpected call by a man identifying himself as CEO Martin Bellin. The caller’s tone and demeanor suggest urgency when he asks the receptionist – a new hire, who has never actually spoken to the company’s CEO before – to put him through to Accounts Payable. The employee in charge of that department has been with BELLIN for many years and the voice on the other end of the line is giving her the chills. Instantaneously, she is aware that the caller with the deep voice and the thick eastern European accent who claims to be sick with the flu is not her CEO – but an impostor, a criminal out to defraud the company. Despite her alarm she keeps her cool and, accompanied by the appropriate gestures, passes the phone to BTS’s Managing Director Rick Beecroft who quickly surmises the situation: before seizing the phone and putting it on speaker, he motions towards another teammate to record the conversation about to take place:
Caller: Yes, hello, this is Martin Bellin speaking, how are you today?
Beecroft: Oh, I’m fine, good to hear from you.
Caller: Ah, I’m not so good. I caught the seasonal flu and got a body temperature of around 37.5 which is melting me and I’m heading to … (rest of sentence incomprehensible)
Beecroft: Sorry, I missed a bit of what you said.
Caller: (louder and seemingly aggravated) I said I caught this seasonal flu and I got this body temperature so I’m heading to my private doctor.
Beecroft: Ok, sorry to hear that.
Caller: No problem, it’s not a big deal. I can handle it. Yourself?
Beecroft: You know, doing ok. Working hard.
Caller: Uh huh … I spoke with Sybille and I explained to her a couple of things, uh, we need help from our US office.
Beecroft: OK… in regard to what?
Caller: It’s regarding an invoice payment that needs to be handled immediately. Can you handle a wire with the value date of today?
Beecroft: Yeah, we can get a wire out today. What’s the amount?
Caller: The amount is 127.500 dollars even.
Beecroft: 127.500, ok … and who’s the beneficiary?
Caller: Uh … I’m driving at the moment, but I will send you an email from my Gmail account.
Beecroft: Mhm, ok.
Rick Beecroft never received that email. Maybe his deadpan, entirely unperturbed demeanor made the caller suspect that the BTS’ Managing Director had actually outsmarted him. Still– the story proves that no one is immune from fraud. This type of cyber-attack – part so-called Vishing, part CEO Fraud – is rampant and still on the rise. According to the US technology company Cisco Systems, criminals have scammed 5.3 billion dollars between 2013 and 2016 alone with these types of fake president schemes. Companies need to act fast and prioritize educating their staff in fraud prevention. Because, as the above example proves, it’s their aware and alert employees who might eventually save the day respectively the company’s funds. Overall, BTS felt that their internal systems worked fine. Since Four-eyes rules are in place, a payment with such an amount and urgency throws many red flags. The event was still discussed internally and will be used for training for years to come.
What can you do right now? Be sure to share this article with your team and to download our whitepaper, written by BELLIN tm5 user Royston Da Costa, Assistant Group Treasurer from Ferguson plc, which outlines the risks treasurers are faced with and how they can fraud -proof their business.
Also check out Teut Deese’s Treasury Matters blog “Cyber security for non-dummies” to find out how BELLIN can keep you and your company safe from various forms of fraud on different levels accompanied by our equally engaging and awareness-raising video “Curing the Digital Disease” on BELLIN TV.
Right when we were about to publish this blog post, the Director of our London office, the BELLIN Treasury Alliance, received the following mail from another Martin Bellin-impostor with a questionable Email address:
From: Martin Bellin [mailto:firstname.lastname@example.org]
Sent: 20 December 2017 10:02
To: Lena Pennington
Subject: Consulting expense.
Are you available to process an outgoing payment today? Let me know and I will send you the payment details as soon as I receive it from the consultant shortly.