CEO Scam

Essential tips to help you safeguard your business from CEO scams

At Sutcliffe & Co Insurance Brokers, we understand that the digital landscape is constantly evolving, and with it, the threats to your business from cybercrime. One of the rising concerns today is the prevalence of CEO scams, a sophisticated form of fraud that targets companies by impersonating high-level executives to manipulate staff into transferring funds or revealing sensitive information.

What are CEO scams?

CEO scams, also known as Business Email Compromise (BEC) scams, involve fraudsters who pretend to be your company’s CEO or another senior executive. They use persuasive and urgent language to convince employees to make immediate fund transfers or disclose confidential information. These scams have become increasingly advanced and intuitive, with scammers even using computer-generated voice notes that closely mimic the real voice of the executive.

How can I identify a CEO scam?

To protect your business, it’s crucial to be aware of the common signs of these CEO scams:

  1. Unusual Payment Requests:
    • Be sceptical of any urgent payment requests from senior management that seem out of the ordinary.
    • Always verify such requests through a different communication channel, such as a phone call or face-to-face meeting with the executive in question.
  2. Inconsistent Language:
    • Pay attention to the style and tone of the email. If it doesn’t match the usual communication style of the purported sender, consider it a red flag and proceed with caution.
  3. Bank Detail Changes:
    • Be wary of requests to change bank details for existing clients or suppliers. Independently verify these changes directly with the customer or supplier using previously known contact details. This is a classic example of a CEO scam, which can easily result in company money ending up in the wrong hands.
  4. Deepfake Technology:
    • Stay vigilant for signs of deepfake videos or audio. As more people work from home and meet less often, these can be hard to detect, because people are less likely to notice irregularities. Indicators include:
      • Unusual facial expressions or movements.
      • Lip movements that don’t align with the speech.
      • Irregular eye blinking patterns.
      • Inconsistencies in lighting and shadows.
      • Any anomalies or glitches in the audio or video.
  5. Time-Sensitive Payment Requests:
    • Scams can often involve an element of urgency or threat, for example messages like “We are about to lose a big contract unless we pay this immediately”.
    • Payment requests on Friday afternoons or just before a bank holiday are key times for scams, when staff are rushing to get work done.
    • CEO scams often happen when the boss is away from the office and the request is hard to check, which is another reason not to publicise travel plans on social media.

What are the best practices for preventing CEO scams?

Planning for cybercrime is an important way to guard against the impact of an attack:

  • Verification Processes:
    • Establish a robust internal process for verifying payment requests and changes in financial details.
    • Ensure all staff are aware of and follow these verification procedures.
  • Awareness and Training:
    • Regularly educate and train employees about the latest scams and tactics used by fraudsters.
    • Encourage a culture of vigilance and verification within the organisation.
  • Technology and Tools:
    • Utilise email filtering and cybersecurity tools to detect and block suspicious emails.
    • Regularly update and patch all systems to guard against vulnerabilities.

Helping you stay protected from CEO scams

At Sutcliffe & Co, we are committed to helping our clients safeguard their businesses against fraud. If you have concerns about potential scams, need assistance in enhancing your cybersecurity measures, including Cyber Essentials, or need help insuring against cyber and fraud risks, please do not hesitate to contact us on 01905 21681 or alternatively email Enquiries@sutcliffeinsurance.co.uk.