Million-Dollar CEO Fraud Uncovers Business Email Compromise

CEO Fraud

When fraud occurs, it can cost unsuspecting victims more than they expect. One of the latest types of fraud attacks compromises corporate emails and uses them to manipulate others. Often known as CEO fraud, business email compromise tactics were recently used to scam a Swiss company out of roughly one million dollars by a multinational fraud ring.

An unsealed criminal complaint from the United States District Court for the Northern District of Georgia revealed that the CEO of an unidentified Swiss company had been scammed out of nearly $1 million by a multinational fraud ring. The executive, named only as S.K., was in the process of purchasing a piece of beachfront property when he became a victim of an email attack.

S.K. had been in communication with who he thought was the seller’s attorney, paying a portion of the $1,020,000 sales price as a deposit for the property located in Belize. Multiple emails allegedly from the seller’s attorney with instructions for sending the remaining funds involved both bank accounts located in Belize and a Citizens Bank located in Boston, Massachusetts.

S.K. realized he had become a victim of CEO fraud when the actual attorney reached out stating he had never received the funds due. The fraudulent attorney’s email had an additional letter “s” within the phony address, making it look like the business email had come from the real attorney. This easily overlooked detail wound up costing S.K. nearly six figures.

What is CEO Fraud?

CEO fraud often involves a phishing email attack where the attacker impersonates a company CEO or high-level employee to appear as a trusted person. Typically, the fraudulent party aims to trick its victims into transferring money into a bank account they own, to send confidential HR information to them, or to reveal and distribute other sensitive information to the criminals.

One of the most common methods of business email compromise is name spoofing. Name spoofing occurs when a cyber attacker uses the same name as the CEO or intended party, but with a different email address. Often, the email address used will be similar to the company’s true domain but will include one or more additional or different letters or numbers.

The second most common type of CEO fraud involves the fraudster using both the CEO’s name and their correct email address. In this type of attack, the reply-to-email address will be different than the sender’s listed address. This way, responses sent to the email actually go to the fraudulent party, rather than the alleged recipient.

Houston Fraud Attorneys

Instances of fraud among businesses and other unsuspecting victims are constantly evolving. CEO fraud is particularly dangerous, as the impersonator capitalizes on the authority of an executive-level employee to obtain sensitive information or steal money.

Texas has one of the highest incidences of fraud per capita; meaning, someone you know has likely been the victim of a fraudulent attack. If you or someone you know has been a victim of fraud, the attorneys at Feldman & Feldman are equipped to investigate your claim and pursue compensation. Contact us today to schedule a consultation and discuss your options.