Beware of an email from the boss: The corona-related work in the home office intensifies the wave of trick fraud and social engineering on the Internet. Insurance companies and IT security companies warn of an increasing number of fraudulent emails, in which criminals pretend to be superiors and have company funds transferred to their own accounts. "Around 90 percent of all cyber attacks begin with an email," says Martin Kreuzer, the security expert at reinsurance company Munich Re and former investigator.
The stitch will CEO Fraud Mentioned: The fraudsters collect email addresses and information about senior managers and their employees in order to then have the money transferred by the employees with credible but fake emails. Or they research suppliers and write false invoices on their behalf.
CEO Fraud: Widespread even before Corona
Even before Corona, CEO Fraud and his offshoots were a problem. In autumn 2019, Munich Re's US subsidiary surveyed over 500 medium-sized companies about their experience with phishing emails. More than a third of the companies reported that they received emails from the wrong manager or supplier. And in almost half of the cases, employees were actually fooled and transferred money, usually five-digit sums. Only a few cases are publicly known: In 2014, fraudsters were able to steal $ 4.8 million from the trick at Medidata; a case was discovered last year in which criminals combined CEO Fraud with artificial intelligence and stole 220,000 euros.
The perpetrators often prepare their attacks very thoroughly in order to get into the virtual skin of real executives as credibly as possible
Hatch. "CEO fraud is often accompanied by targeted phishing emails, phone calls or fake websites," explains Kreuzer.
Spam and phishing related to corona are increasing rapidly
The industrial insurer AGCS, which belongs to the alliance, warns that in some countries the number of attempted cyberattacks increased five-fold between mid-February and mid-March. The Japanese IT security company Trend Micro also analyzed that online fraudsters reacted quickly to the spread of the epidemic.
The company looks after customers around the world. In Europe, Trend Micro counted 1,793 spam mails directly related to Corona in February. In March it was a flood of over 435,000 spam mails, of which almost 67,500 were sent to recipients in Germany. These numbers refer to malicious emails overall. Not only targeted attacks like CEO Fraud take place in a personalized way today, classic phishing emails are also garnished with personal data. "The success rate is much higher if the addressees are contacted personally", says Kreuzer.
The corona pandemic is causing the economy to tumble, but the crisis seems to be an economic stimulus package for criminals. "For a successful cyber attack, the hacker has to arouse the interest and emotions of those addressed", says Kreuzer. "Corona serves as a vehicle for this." The attackers rely on fear and boredom and try to build up pressure or take advantage of usual actions that we can almost carry out in our sleep.