Recent trends indicate that cyber criminals are also impersonating other board-level executives such as chief financial officers (CFO) and chief operating officers (COO), hence the term CxO.
As mentioned, CxO fraud is normally conducted through email, using a combination of phishing and spear phishing techniques. Phishing is a type of social engineering attack in which cyber criminals attempt to trick a person into revealing confidential information, such as credentials, personal details or account numbers. Phishing messages are normally “cast” out to a broad audience in the hope of “getting a bite”. Spear phishing usually targets a specific individual or group, and more effort goes into making the message believable, using information gathered from previous phishing campaigns, social media sites and company websites.
Social engineering plays a large part in the success of CxO fraud. To an unsuspecting employee, the email appears to come from a senior-level boss demanding urgent action. The CxO is often on holiday or in a meeting and claims not to be in a position to go through normal channels. This can spur the employee into acting without questioning the validity of the request: time is of the essence, and they do not want to disappoint their boss.
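As an added illustration, not code from the original article, the following Python snippet shows one defensive check a mail gateway or SIEM rule can apply to the pretext described above: it flags messages whose display name matches a known executive but whose sender or Reply-To address sits outside the company domain, and separately scores the urgency language. The executive directory, internal domain and sample message are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed executive directory for a hypothetical company; in practice
# this would be fed from the directory service or HR system.
INTERNAL_DOMAIN = "example.com"
EXECUTIVES = {"jane doe": "jane.doe@example.com", "john smith": "john.smith@example.com"}

# Phrases typical of the urgency / unavailability pretext used in CxO fraud.
URGENCY_CUES = ("urgent", "asap", "in a meeting", "on holiday", "can't talk",
                "wire", "transfer", "before end of day", "confidential")

def _domain(addr: str) -> str:
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def assess_message(raw: str) -> dict:
    """Return identity findings and an urgency score for one RFC 5322 message."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    findings = []
    name = re.sub(r"\s+", " ", display).strip().lower()
    if name in EXECUTIVES and _domain(addr) != INTERNAL_DOMAIN:
        findings.append("display_name_impersonation")   # executive's name, external mailbox
    if addr.lower() in EXECUTIVES.values() and reply_addr and _domain(reply_addr) != INTERNAL_DOMAIN:
        findings.append("reply_to_mismatch")            # replies diverted off the internal domain
    payload = msg.get_payload(decode=True) or b""
    text = (msg.get("Subject", "") + "\n" + payload.decode("utf-8", "replace")).lower()
    urgency = sum(cue in text for cue in URGENCY_CUES)
    if urgency >= 2:
        findings.append("urgency_language")
    # Urgency alone is normal business traffic; only a sender-identity problem flags the mail.
    flag = "display_name_impersonation" in findings or "reply_to_mismatch" in findings
    return {"findings": findings, "urgency": urgency, "flag": flag}

# Constructed sample: an executive's display name on an external mailbox,
# combined with the "in a meeting, pay now" pretext.
SUSPECT = """From: Jane Doe <jane.doe@example-mail.net>
To: accounts@example.com
Subject: Urgent payment
Content-Type: text/plain

I'm in a meeting all day and can't talk. Please process the wire
transfer before end of day.
"""
```

A genuine message from the executive's real mailbox with no Reply-To diversion produces no findings, so a busy CxO's legitimate but urgent mail is not flagged on urgency alone.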
Why should we be concerned about CxO fraud and email compromise in general?
There is no silver bullet for mitigating the risks of these attacks and reducing exposure. A multi-pronged approach is required, built on the following three pillars:
We tend to pay the closest attention to the threats reported in the media. However, we should use every source available to us to build a better picture of the threats that may impact our companies. Although ransomware is grabbing the headlines now, it is not necessarily the biggest threat we should be worried about.