The “fake president” scam alone has enabled fraudsters to plunder more than 150 million Euros from German companies over the past two years.
This information was revealed by the German Insurance Association (GDV), based on data provided by insurers covering such cases of fraud with crime and fidelity insurance schemes. Their customers reported about 50 cases during this period, in which fraudsters impersonated top managers and succeeded in getting money transferred to their own accounts.
Even beyond these insured cases the trend is alarming, the insurance experts go on to say. After the Federal Office of Criminal Investigation (BKA) had only registered four cases “CEO fraud” in 2013, by 2016 the number of such cases had risen to almost 350. In the meanwhile, cyber criminals have also diversified their tactics, taking on the identities of customers, suppliers and business partners. In this way they can pass themselves off as phantom haulers in online freight exchanges, making off with truckloads of data.
“Digitalization has created totally new vectors for attack and also facilitates previously known crimes,” comments GSV President Wolfgang Weiler. Any organization that doesn’t have effective compliance management and seeks to cut corners on its IT security is effectively gambling on the continuing existence of their company. In general, insurers and criminal investigators recommend increased efforts to implement preventive measures as a bulwark against such crimes, as one of the keys to effectively protecting against fraud and cyber crime. Employing a four-eye principle for bank transfers as well as regular training on IT security could already prevent many attacks.
Retarus E-Mail Security customers can safeguard themselves against a wide range of threats including “fake president” and “CEO” fraud with the Advanced Threat Protection (ATP) option. The CxO Fraud Detection service subjects emails to an algorithmic check which identifies “From-Spoofing” and “Domain-Spoofing”. In this way, messages from falsified sender addresses can be detected and filtered out reliably.