It’s always good to stay up-to-date on the latest online scams and tricks. One that’s been going around lately is called the Fake President Fraud. It’s quite nefarious because it relies on something called social engineering to trick/con employees into sending money – your business’s money – to a scammer.
We’re going to give you the scoop on this treacherous plot by explaining what it is, why it works, how you can defend against it, and an insurance solution that can help you safeguard against it.
What is the Fake President Fraud?
Fake President Fraud?
What happens is that a scammer masquerades as an executive of a business – for example, the president or CEO – to fool an employee into willingly and voluntarily wiring money into their bank account. (The “voluntarily” party is important – we’ll explain later.)
It might seem kind of out there – like, could that really happen? Well, it can. There are several really good reasons that this scam can be effective. Which we’ll get into after we explain exactly how the scam unfolds.
How does the Fake President Fraud work?
It works a little something like this:
First, the fake executive reaches out to an employee, usually someone who has access to the money. They will probably use an email that has a domain that’s similar to the company’s real one or a “personal” email account.
The “executive” asks the employee to move money through a wire transfer. They’ll usually ask them to put the money into a foreign bank account. (Spoiler alert: the bank account belongs to the criminal.) They’ll phrase the request as if the wire transfer is for completely normal and legitimate reasons – for example, a business deal, settling a debt, or paying a vendor.
Now, within the email, the scammer will employ a few dirty tricks to cause the employee to quiet any misgivings that might pop up in their head. Even if the employee starts to suspect something, the fake president might use one of the following tactics to fool them into acting against their instincts:
–Using authority: The scammer might simply intimidate the employee. They might also bank on the employee having a desire to assist or impress a superior.
–Saying it’s highly urgent: They might make it sound so crucial and urgent – you MUST do this RIGHT NOW – that the employee may overlook protocol or fail to take the time to verify who’s making the request.
–Emphasizing secrecy: The scammer might persuade the employee that the entire thing has to stay secret for “business” or “legal” reasons – whatever that means. Being part of something secret might make the employee feel special and appreciated.
And then comes the nail in the coffin – the employee makes the transfer. While the bank may think the entire thing is a bit weird, they’ll make the transfer if the employee is properly authorized.
So, that gives you an idea of how these sorts of scams play out. Notice how the fraud uses manipulation and pressure, saying just the right thing to get the unwitting employee to do what they want. This is called social engineering – we’ll explain.
Get quotes for small business insurance and get the coverage you need.
Why the fake president fraud is so effective.
Scammers are crafty – they know how to wield the power of social engineering.
What’s social engineering? It’s exploiting basic human psychology and behavior to manipulate people. These criminals use ideas and concepts of how people react to authority and social hierarchies to fool people. It preys on people’s subconscious thought process, which is why it’s so nefarious. It’s easy to fall for it.
Basically, the scammer is counting on your employees to act a certain way. Which is why informing and training your employees about different online scams they should know about is a big part of keeping your business from being victimized.
How can you protect your business against the Fake President Fraud?
1. Tell your employees.
Make sure everyone is aware that this could happen. Let them know that they should just ignore these emails and delete them. You can foil a scammer’s plan just by making sure everyone knows not to fall for the trick. The fraudulent “presidents” are counting on the fact that potential victims aren’t aware of what they’re up to. Spend some time tightening up cybersecurity at your business.
2. Emphasize how important it is to follow the protocol.
When it comes to transferring funds, there should be a strict protocol to follow. Employees need to know that they should not deviate from it.
3. Have a plan for verifying identities.
Your employees may not have too much contact with the executives of your company. Or maybe requests for wire transfers are often made remotely. Or maybe there are requests that fall outside of protocol or require a hastened timeline. In any of these scenarios, your employees should have a way of independently verifying the identity of the person making the request (meaning they’re not using any contact information from the sketchy email.)
Getting insurance for that.
You’re probably wondering how you can make your insurance protect you from the Fake President Fraud.
The thing is that a cyber insurance policy typically won’t protect you from the Fake President Fraud. Why? Because the employee willingly parts with the money. (See, we said that would come up again.) The criminal act, therefore, is fraud, not a malicious data breach or hack.
(Contrast the Fake President Fraud to spear phishing, in which hacker sends an email convincing the recipient to open a link or an attachment that downloads code that gives the hacker access to the computer or network.)
However, just because you may not be able to cover this risk under your cyber liability policy, that doesn’t mean you can’t insure yourself for situations like this. Most likely you would have to add a social engineering endorsement to your crime policy to protect against this sort of fraud. Talk to your agent to find the insurance solution that will work for you.
So, that’s what you need to know about the Fake President Fraud. Be sure to let your employees know about it so everyone can stay vigilant. It’s definitely worth taking the time to give your employees some training about online scams and potential malicious data breaches so that everyone has the tools and knowledge they need to stay away from any hacks, scams, or fraud that could be going around.
Looking for business insurance? We can help. Our team of agents can help you get quotes for your small business insurance so that you can get the right coverage to protect your business from the risks you face. Get started with your quotes by filling out our online quote form or give us a call today.