{"id":173,"date":"2019-05-07T18:29:16","date_gmt":"2019-05-07T16:29:16","guid":{"rendered":"https:\/\/lars-hilse.de\/lhx18\/?p=173"},"modified":"2019-05-07T16:08:36","modified_gmt":"2019-05-07T14:08:36","slug":"protecting-your-organisation-from-ceo-fraud","status":"publish","type":"post","link":"https:\/\/lars-hilse.de\/lhx18\/2019\/05\/protecting-your-organisation-from-ceo-fraud\/","title":{"rendered":"Protecting your organisation from CEO fraud"},"content":{"rendered":"<div class=\"ttr_start\"><\/div>\n<figure class=\"wp-block-image\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"350\" height=\"100\" src=\"https:\/\/i0.wp.com\/lars-hilse.de\/lhx18\/wp-content\/uploads\/2019\/05\/lhx_blog_content.jpg?resize=350%2C100&#038;ssl=1\" alt=\"\" class=\"wp-image-176\" srcset=\"https:\/\/i0.wp.com\/lars-hilse.de\/lhx18\/wp-content\/uploads\/2019\/05\/lhx_blog_content.jpg?w=350&amp;ssl=1 350w, https:\/\/i0.wp.com\/lars-hilse.de\/lhx18\/wp-content\/uploads\/2019\/05\/lhx_blog_content.jpg?resize=300%2C86&amp;ssl=1 300w\" sizes=\"auto, (max-width: 350px) 100vw, 350px\" \/><\/figure>\n\n\n\n<p>One of the most costly cyber threats\/risks is CEO fraud.\u00a0<\/p>\n\n\n\n<p>The attackers impersonate a senior representative of the company, mostly by email.&nbsp;<\/p>\n\n\n\n<p>Under some shady excuse, they get in touch with an employee who has access to the finance department.&nbsp;<\/p>\n\n\n\n<p>Under false pretexts they will &#8211; from their position of apparent authority &#8211; ask the employee to issue a payment, pretending the project they need the payment issued for is hush-hush.&nbsp;<\/p>\n\n\n\n<p>So as not to anger their boss, the victim will then issue the payment, and the money is gone.&nbsp;<\/p>\n\n\n\n<p>That\u2019s it in short\u2026 there are dozens of known approaches to executing a CEO fraud, often with dire consequences for the company; some companies even have to shut down because they can\u2019t deal with such a financial 
impact.&nbsp;<\/p>\n\n\n\n<p>You\u2019re probably going to ask me whether and how such incidents can be avoided\u2026 well, they can\u2019t entirely.&nbsp;<\/p>\n\n\n\n<p>One of the most important countermeasures is training, training, training of employees. And once you\u2019ve trained them, train them again &#8211; just to make sure they have enough training and understand the impact of social engineering on a company.&nbsp;<\/p>\n\n\n\n<p>That being said\u2026 there are software measures that can also be taken. You will have to contact your bank, though, to look into the details of two-factor authentication on a per-transfer basis\u2026 for more complex environments there is a two-man rule for wires to be executed on behalf of the company. Wires can also be backlogged and executed by the CFO upon review and approval. The possibilities for reducing this risk are out there, and they are many.<\/p>\n\n\n\n<p><a href=\"https:\/\/lars-hilse.de\/lhx18\/what-i-do\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"If you need help feel free to give me a call.\u00a0 (opens in a new tab)\">If you need help feel free to give me a call.\u00a0<\/a><br><\/p>\n<div class=\"ttr_end\"><\/div>","protected":false},"excerpt":{"rendered":"<p>One of the most costly cyber threats\/risks is CEO fraud. 
<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[53,6,2,8,13,52],"tags":[20],"class_list":["post-173","post","type-post","status-publish","format-standard","hentry","category-ceo-fraud","category-cyber-crime","category-cyber-security","category-global-risks","category-risk-management","category-social-engineering","tag-ceo-fraud","has-post-thumbnail","fallback-thumbnail"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/paluiP-2N","jetpack_likes_enabled":true,"jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/lars-hilse.de\/lhx18\/wp-json\/wp\/v2\/posts\/173","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lars-hilse.de\/lhx18\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lars-hilse.de\/lhx18\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lars-hilse.de\/lhx18\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/lars-hilse.de\/lhx18\/wp-json\/wp\/v2\/comments?post=173"}],"version-history":[{"count":2,"href":"https:\/\/lars-hilse.de\/lhx18\/wp-json\/wp\/v2\/posts\/173\/revisions"}],"predecessor-version":[{"id":177,"href":"https:\/\/lars-hilse.de\/lhx18\/wp-json\/wp\/v2\/posts\/173\/revisions\/177"}],"wp:attachment":[{"href":"https:\/\/lars-hilse.de\/lhx18\/wp-json\/wp\/v2\/media?parent=173"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lars-hilse.de\/lhx18\/wp-json\/wp\/v2\/categories?post=173"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lars-hilse.de\/lhx18\/wp-json\/wp\/v2\/tags?post=173"}],
"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}