A massive takedown of cybercrime networks saw 281 suspected hackers arrested in 10 different countries earlier this month.
Operation reWired saw arrests made in countries across the world – including the UK – to shut down networks focusing specifically on ‘business email compromise’ schemes, otherwise known as CEO fraud.
This specific hack is similar to phishing, but relies specifically on the understanding that employees will be more likely to act on a request if they think it comes from their manager.
In one example seen by the BBC, an unnamed financial officer was sent an email that appeared to be from their company CEO. In it, the boss said that a deal to acquire a third party company had been completed and that $8 million needed to be transferred to a specific account before the end of the day.
The employee duly made the transfer, but alarm bells started to ring when the company being acquired telephoned to ask where the money was. To this day, little of it has been recovered.
CEO fraud is a devastatingly effective hacking tool as employees are significantly less likely to challenge an email if it looks to have come from their boss. What’s more, hackers are able to duplicate email accounts with relative ease using technology that’s widely available, making any email they send look legitimate. If they’re able to get some insider knowledge as to the target’s upcoming mergers and acquisitions – as the hacker appeared to in the above example – it’s even more likely to be a success.
Since 2016, the FBI estimates some £21 billion has been lost as a result of these specific hacks.
Ryan Kalember, executive vice-president of cyber-security strategy at Proofpoint, told bbc.co.uk: “One of the reasons why this is a particularly difficult problem to stamp out is that it relies on the systemic risk of all of us trusting email as a means of communication.” Anyone worried about becoming the next victim is advised to stay vigilant, double-check if there’s any doubt, and set up two-factor authentication for payments.
