CEO Fraud is a type of spear-phishing email attack in which the attacker impersonates your CEO. Typically, the attacker aims to trick you into transferring money to a bank account owned by the attacker, to send confidential HR information, or to reveal other sensitive information. The fake email usually describes a very urgent situation to minimize scrutiny and skepticism.
There are two common ways in which a CEO fraud email is launched. The first is name spoofing, in which the attacker uses the name of your CEO but a different email address. Sometimes (but not always) the email address the attacker uses is similar to the company's domain with a few different letters (e.g., acrne.com instead of acme.com). With name spoofing, the attacker is hoping that the recipient will not notice the incorrect sender address, and will rush to respond. Many email clients, especially mobile email clients, do not display the sender address by default, which can make it hard to spot this attack.
The second form is name and email spoofing, where the attacker uses both the CEO’s name and their correct sender address. In this form of the attack, the attacker typically sets a Reply-To address that is different from the sender address, so that your response to the email will go to them.
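The two forms described above leave different traces in the message headers: the first puts an executive's display name on a foreign or lookalike From address, the second keeps the real From address but redirects replies through a mismatched Reply-To. The following script is an added illustration of how a defender can check inbound mail for both patterns; it is not Barracuda's code or a description of how its products work. The executive roster, the organisation's domains (acme.com, with the acrne.com lookalike from the text) and the three sample messages are constructed placeholders.

```python
import email
from email.utils import parseaddr

# Constructed sample data: the organisation's executives and its own mail domains.
# Every name and domain here is a placeholder invented for this example.
EXECUTIVES = {"jane doe": "jane.doe@acme.com"}
ORG_DOMAINS = {"acme.com"}

# Character swaps that are easy to miss at a glance (e.g. "rn" read as "m").
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("cl", "d")]

# Constructed messages: one legitimate, one per spoofing form from the text.
SAMPLES = {
    "legitimate": (
        "From: Jane Doe <jane.doe@acme.com>\nTo: cfo@acme.com\n"
        "Subject: Q3 numbers\n\nSee attached.\n"
    ),
    "lookalike": (
        "From: Jane Doe <jane.doe@acrne.com>\nTo: cfo@acme.com\n"
        "Subject: Urgent\n\nNeed this done today.\n"
    ),
    "reply_to": (
        "From: Jane Doe <jane.doe@acme.com>\n"
        "Reply-To: Jane Doe <jane.doe@mail-example.test>\nTo: cfo@acme.com\n"
        "Subject: Urgent\n\nAre you at your desk?\n"
    ),
}


def edit_distance(s, t):
    """Levenshtein distance; inputs are short, so the O(n*m) table is fine."""
    prev = list(range(len(t) + 1))
    for i, cs in enumerate(s, 1):
        cur = [i]
        for j, ct in enumerate(t, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (cs != ct)))
        prev = cur
    return prev[-1]


def looks_like(domain, legit):
    """True if `domain` is a lookalike of `legit`: a confusable swap or one edit away."""
    if domain == legit:
        return False
    for a, b in CONFUSABLES:
        if domain.replace(a, b) == legit or legit.replace(a, b) == domain:
            return True
    return edit_distance(domain, legit) == 1


def _domain(addr):
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def check_message(raw):
    """Return the reasons a message looks like CEO fraud (empty list if none)."""
    msg = email.message_from_string(raw)
    name, from_addr = parseaddr(msg.get("From", ""))
    from_domain = _domain(from_addr)
    reasons = []

    # Form 1: an executive's display name on an address that is not theirs.
    expected = EXECUTIVES.get(name.strip().lower())
    if expected and from_addr.lower() != expected:
        if any(looks_like(from_domain, d) for d in ORG_DOMAINS):
            reasons.append(f"display name '{name}' with lookalike domain {from_domain}")
        else:
            reasons.append(f"display name '{name}' with external address {from_addr}")

    # Form 2: the From address is genuine, but replies are steered elsewhere.
    reply_to = msg.get("Reply-To")
    if reply_to:
        _, rt_addr = parseaddr(reply_to)
        if _domain(rt_addr) != from_domain:
            reasons.append(
                f"Reply-To domain {_domain(rt_addr)} differs from From domain {from_domain}"
            )
    return reasons


if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, "->", check_message(raw) or "no findings")
```

The Reply-To check is the cheaper of the two and catches the second form even when the From address passes every authentication check, which is exactly why that form is hard to stop with sender verification alone.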
CEO fraud is a particularly dangerous form of attack because the impersonator relies on the authority of the CEO to obtain extremely sensitive information or even acquire cash. The presence of the CEO as the sender guarantees that the malicious email gets the attention of employees. Many employees are reluctant to question a request from their CEO and will fall into the trap of responding to the email.
Barracuda Email Protection is a comprehensive, easy-to-use solution that delivers gateway defense, API-based impersonation and phishing protection, incident response, data protection, compliance and user awareness training. Its capabilities can prevent CEO fraud:
Artificial Intelligence (AI) Engine Scans Emails
Barracuda Impersonation Protection AI can spot CEO fraud and other spear-phishing attempts. It learns your organization’s specific communication patterns and can detect anomalies based on factors that escape the notice of human users and traditional email gateways. Over time, the AI gets better at spotting CEO fraud attempts, and can automatically quarantine and flag any email that it labels as suspicious.
DMARC Prevents Domain Spoofing
Domain Fraud Protection offers reporting and analysis of Domain-based Message Authentication, Reporting & Conformance (DMARC). DMARC can help prevent unauthorized use of your email domains, including spoofing and impersonation, so attackers can’t use your company brand to launch attacks.
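Whether DMARC actually blocks a spoofed domain depends on what the published record says: a record with p=none only reports abuse, while p=quarantine or p=reject tells receivers to act on it. The following script is an added example of reading a DMARC TXT record and reporting how much protection it gives; it is not Barracuda's Domain Fraud Protection code. The two records and the example.test domain are constructed placeholders.

```python
# Constructed DMARC records for a placeholder domain (example.test is not a real zone).
MONITOR_ONLY = "v=DMARC1; p=none; rua=mailto:dmarc-reports@example.test"
ENFORCING = (
    "v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s; pct=100; "
    "rua=mailto:dmarc-reports@example.test; ruf=mailto:dmarc-forensic@example.test"
)


def parse_dmarc(record):
    """Split a DMARC TXT record into a dict of tag -> value (RFC 7489 'tag=value;' syntax)."""
    tags = {}
    for part in record.split(";"):
        part = part.strip()
        if not part:
            continue
        if "=" not in part:
            raise ValueError(f"malformed tag: {part!r}")
        key, value = part.split("=", 1)
        tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record")
    return tags


def assess(record):
    """Return (enforcing, findings): whether spoofed mail is rejected/quarantined, plus gaps."""
    tags = parse_dmarc(record)
    findings = []

    policy = tags.get("p", "none").lower()
    if policy == "none":
        findings.append("p=none: spoofed mail is reported but still delivered")

    # Subdomain policy defaults to the domain policy when sp is absent.
    sub_policy = tags.get("sp", policy).lower()
    if sub_policy == "none" and policy != "none":
        findings.append("sp=none: subdomains can still be spoofed")

    pct = int(tags.get("pct", "100"))
    if pct < 100:
        findings.append(f"pct={pct}: only {pct}% of failing mail receives the policy")

    if "rua" not in tags:
        findings.append("no rua: no aggregate reports, so spoofing attempts go unseen")

    # Alignment defaults to relaxed, which lets any subdomain of the organisational domain align.
    for tag in ("adkim", "aspf"):
        if tags.get(tag, "r").lower() == "r":
            findings.append(f"{tag}=r: relaxed alignment, subdomains of the org domain align")

    enforcing = (
        policy in ("quarantine", "reject")
        and sub_policy in ("quarantine", "reject")
        and pct == 100
    )
    return enforcing, findings


if __name__ == "__main__":
    for label, rec in (("monitor-only", MONITOR_ONLY), ("enforcing", ENFORCING)):
        ok, notes = assess(rec)
        print(f"{label}: enforcing={ok}")
        for note in notes:
            print("  -", note)
```

Run against a live domain, the record comes from the _dmarc.<domain> TXT lookup; the monitor-only record above is the typical starting point, and the aggregate reports it requests via rua are what reveal which sources are sending as your domain before the policy is tightened to reject.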
Security Awareness Training
Finally, Barracuda Security Awareness Training includes a user-training module that periodically sends simulated CEO fraud emails to users within your organization. Users who attempt to respond to the simulated attacks are alerted to the fact that they were fooled and receive additional educational materials to help them learn to spot such attacks in the future.
Learn More about Barracuda Email Protection and sign up for a free trial.