CxO Fraud and Corona Pandemic: How to Protect Yourself

Since the beginning of the Corona pandemic at the end of 2019, cybercriminals have been exploiting fears of the Corona virus to spread malicious code via email. The criminals are doing this, for example, by establishing a relationship with the Corona virus in the contaminated emails, arguing emotionally or claiming a particular urgency. Many of the sensitized recipients fall for it, causing the entire IT network to become infected and allowing malware and ransomware to be spread unhindered.

Authentic looking emails from superiors

These attacks are particularly dangerous because the quality of fake and contaminated emails is now very high. For the inexperienced – and sometimes even the experienced – viewer, many of these emails seem authentic: they are often written in correct language, contain correct addresses and phone numbers, and are visually elaborately designed, including company logo and email disclaimer.

Attacks using the method of the so-called CxO Fraud are currently increasing. In this form of fraud, formerly known as CEO Fraud, the attackers pretend to be managers or other decision-makers of a company and encourage employees to transfer money to their accounts. In some cases, the identity of a superior is faked, in other cases that of a customer or supplier, for example, to send supposed invoices on his behalf.

Cybercriminals seize millions

Particularly glaring cases were the case of the car supplier Leoni in 2016 and the case of the cinema chain Pathé in the Netherlands in2018. In the first case, 40 million Euros and in the second case 19 million Euros were transferred to the accounts of the criminals. By the time the scam was uncovered, the money had already disappeared into unknown accounts in both cases.

CxO Fraud has been a growing problem not only since Corona: a survey in autumn 2019 showed that of 500 companies surveyed, more than a third had received emails from fake superiors or suppliers. The fact that the criminals were successful in almost half of the cases is also due to the fact that in many cases the attacks are prepared over weeks or months.

The cyber attacks are carefully prepared

In many cases, the affected companies are first spied on via social networks in order to identify the persons relevant to the attack. This is followed by initial contact by email or telephone, which is intended to psychologically manipulate the employees contacted in order to eliminate any doubts that may arise. An alleged particular urgency or alleged time pressure then often leads to transfers actually being executed.

As is generally the case with malware, ransomware and phishing, the first antidote here is to sensitize employees. It is even better if the email security solution used recognizes CxO Fraud and rejects fraudulent emails.

Reliable protection against CxO Fraud – with NoSpamProxy

CxO fraud detection in NoSpamProxy compares the sender name of incoming emails with the names of key users in your company. This will intercept fake emails sent to you or your employees on behalf of supervisors, employees or customers.

90 percent of all cyber attacks occur via email. Especially in times of corona-related home office work and authentic-looking fake emails, a reliable email security solution is the most secure protection against malware, ransomware and spam. And from ill-advised wire transfers to cyber criminals.