The McCracken County Sheriff's Department has recently become aware of a new scam called CEO Fraud, or Insider Spoofing. The scam involves a cyber attacker who obtains as much information as possible about the targeted company. The attacker would need to obtain information such as the personnel structure of the company they are targeting. They'll need to know everything they can learn about the individual they plan to impersonate. The scam targets anyone with a senior role (the boss) who would possess the authority to initiate money payments. The attacker would need to know the person's name, email address and their schedule. At the least, the attacker would need to know the person being impersonated is out of the office, preferably out of town. In addition to the boss's information, the attacker would need to know who in the organization is able to transfer money, such as the finance officer. Sometimes the information can be located on the company's website, where they list their employees, their roles and responsibilities, and contact information. As for knowing when the boss is out of the office, it can be a little more difficult. At times, the attacker can locate the person on social media sites and monitor their movements; they could also call the organization and be told he/she is not in the office. Once the attacker is ready to conduct the attack, they will email the finance officer, purporting to be the boss, and request they initiate a money transfer to the attacker's bank account. Sometimes the attacker will spoof the boss's email, which means they modify the email, so the "From:" field contains the boss's genuine email address. At times, the attackers will have the boss email them, so they can duplicate the look of his/her email. When the attack is initiated, the attacker will do it hoping the finance officer feels pressured to send the transfer immediately, without verifying through the targeted boss. If an employee receives an email asking them to transfer funds, it would be advisable to verbally verify the transfer through the person believed to be sending the email.
