News & Blog
‘CEO Fraud’ A New and Growing Threat to Business
By Francis West on 27th April 2016
A recent National Fraud Intelligence Bureau (NFIB) report highlighted by the UK’s ‘Action Fraud’ has shown evidence of an increase in a kind of Fraud dubbed ‘CEO fraud’, so-called because fraudsters pose as senior staff members or Company Directors in order to obtain money.
How Does CEO Fraud Work?
CEO Fraud involves a fraudster emailing and / or calling a member of the Finance Department of a company e.g. the Financial Controller. In several recent real cases the first contact from the fraudster is reported to have been via gmail.com and yahoo.com email addresses.
The fraudster explains to the staff member that they are either the CEO or a Company Director and that they need an amount of the company’s money transferred quickly into an account. The fraudster offers apparently legitimate business reasons for the transfer, stresses the time constraint in order to avoid any effective checking procedure, and relies upon factors such as the employee’s lack of familiarity with the Company’s CEO / Directors, their fear of challenging the authority of a CEO / Director and their desire to help senior staff members and possibly receive recognition and reward.
The average amount of money requested from a company in a fraud of this kind is thought to be approximately £35,000. The account that the fraudster asks for the money to be transferred into is just a temporary first stop-off point for the money which is then quickly transferred to other mule accounts before the original account is closed down to render it untraceable.
The speed of the fraud and the fact that the companies targeted often take some time to discover it mean that in most reported cases the victims have been unable to recover their money.
How Big Is This Type of Fraud?
NFIB figures show that over £32 million has been reported lost this way in the UK and nearly 1000 frauds of this kind were reported from January 2015 to 2016. Of the £32 reported stolen the victims has so far only been able to recover £1 million. In what is believed to be the largest recorded CEO fraud to date a Financial Controller at the Scottish office of a large healthcare company was conned into transferring £18.5 million into accounts in Hong Kong, China and Tunisia.
What Does This Mean For Your Business?
With this type of fraud it is likely that your business will be a better target for the fraudsters if it is a larger limited company. Crime stats also show that more than 20% of those companies targeted are based in London.
This type of fraud however is becoming more popular and widespread and it therefore makes sense for you to make sure that you take measures minimise your organisation’s vulnerabilities.
Measures you can take include:
Making sure that all staff and not just those in the Accounts / Finance Department are at least made aware of what this kind of fraud is, and that it is a current and real threat.
Introduce a system involving more than one person whereby staff can verify any enquiries relating to the CEO or Directors.
Encourage staff to double check any requests of this nature and never to rush through any large money transfers.
Regularly check and keep a close eye on company transactions to check for inconsistencies and to enable problems to be spotted early.
Report any fraud or attempted fraud of this kind to Action Fraud on 0300 123 2040 or contact them online here: http://www.actionfraud.police.uk/report_fraud
‘CEO Fraud’ A New and Growing Threat to Business
A recent National Fraud Intelligence Bureau (NFIB) report highlighted by the UK’s ‘Action Fraud’ has shown evidence of an increase in a kind of Fraud dubbed ‘CEO fraud’, so-called because fraudsters pose as senior staff members or Company Directors in order to obtain money.
How Does CEO Fraud Work?
CEO Fraud involves a fraudster emailing and / or calling a member of the Finance Department of a company e.g. the Financial Controller. In several recent real cases the first contact from the fraudster is reported to have been via gmail.com and yahoo.com email addresses.
The fraudster explains to the staff member that they are either the CEO or a Company Director and that they need an amount of the company’s money transferred quickly into an account. The fraudster offers apparently legitimate business reasons for the transfer, stresses the time constraint in order to avoid any effective checking procedure, and relies upon factors such as the employee’s lack of familiarity with the Company’s CEO / Directors, their fear of challenging the authority of a CEO / Director and their desire to help senior staff members and possibly receive recognition and reward.
The average amount of money requested from a company in a fraud of this kind is thought to be approximately £35,000. The account that the fraudster asks for the money to be transferred into is just a temporary first stop-off point for the money which is then quickly transferred to other mule accounts before the original account is closed down to render it untraceable.
The speed of the fraud and the fact that the companies targeted often take some time to discover it mean that in most reported cases the victims have been unable to recover their money.
How Big Is This Type of Fraud?
NFIB figures show that over £32 million has been reported lost this way in the UK and nearly 1000 frauds of this kind were reported from January 2015 to 2016. Of the £32 reported stolen the victims has so far only been able to recover £1 million. In what is believed to be the largest recorded CEO fraud to date a Financial Controller at the Scottish office of a large healthcare company was conned into transferring £18.5 million into accounts in Hong Kong, China and Tunisia.
What Does This Mean For Your Business?
With this type of fraud it is likely that your business will be a better target for the fraudsters if it is a larger limited company. Crime stats also show that more than 20% of those companies targeted are based in London.
This type of fraud however is becoming more popular and widespread and it therefore makes sense for you to make sure that you take measures minimise your organisation’s vulnerabilities.
Measures you can take include:
Making sure that all staff and not just those in the Accounts / Finance Department are at least made aware of what this kind of fraud is, and that it is a current and real threat.
Introduce a system involving more than one person whereby staff can verify any enquiries relating to the CEO or Directors.
Encourage staff to double check any requests of this nature and never to rush through any large money transfers.
Regularly check and keep a close eye on company transactions to check for inconsistencies and to enable problems to be spotted early.
Report any fraud or attempted fraud of this kind to Action Fraud on 0300 123 2040 or contact them online here: http://www.actionfraud.police.uk/report_fraud
Comments