Be aware that an email from your Chief Executive Officer (CEO) requesting payments may not be legitimate. WA ScamNet recently received two reports about this scam and, since July 2017, losses totalling $97,360 have been recorded.
Scammers can pose as the CEO of a company (or similar senior position) after copying an email account. They then send an email, which appears to have come from the legitimate CEO, to a company employee asking them to transfer money to a bank account.
The scammers either create a domain that looks similar to the victim’s domain and follows the same naming conventions, or create a free email address using the same name as the CEO.
We have also had reports of scammers hijacking email accounts so that it looks like the email came from the legitimate CEO.
Examples of the text used in the initial email received:
"Let me know when you are available. There's something I need you to do for me.I'm in a meeting right now,we can only communicate by mail now,i will just keep an eye on my mail for your reply"
"See approved invoice, Kindly send out payment today. Let me know once done."
"Please pay the invoice attached."
After they receive a response, the scammers provide bank information and a very vague reason for the payment to be made.
Where an invoice is mentioned, the scammers attach a fake invoice to justify the payment; it usually includes fake or fraudulently used business details and bank information.
Once the money has been transferred it is very difficult to recall.
Tips to protect yourself:
- If an email looks peculiar, make a phone call or have a face-to-face conversation about the request and confirm whether it is legitimate or not. If you are unable to do either of these, open a new email and use the contact from your address book to query the request;
- If you receive an invoice, check to see that the company information is legitimate and confirm any bank account details over the telephone;
- Separate who can initiate and who can approve payments;
- You can check if your account information has been compromised in a data breach by checking haveibeenpwned.com; and
- Get in contact with WA ScamNet on 1300 304 054 for further advice.
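The two spoofing methods described above (a lookalike domain, or a free email address using the CEO's name) can be flagged automatically from the From header of incoming mail. The following is an added example, not part of the original advisory, and it does not detect a hijacked genuine account. The company domain, executive name, free email provider list and distance threshold are assumptions chosen for illustration.

```python
from email.utils import parseaddr

# Assumed values for illustration: replace with your organisation's own.
COMPANY_DOMAIN = "example.com.au"
EXECUTIVES = {"jane citizen"}  # constructed display name of a senior staff member
FREE_MAIL = {"gmail.com", "outlook.com", "yahoo.com", "hotmail.com"}
MAX_DISTANCE = 2  # assumed threshold for "looks similar"


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance between two strings, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def check_sender(from_header: str) -> list[str]:
    """Return the reasons a From header matches either spoofing pattern."""
    name, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower()
    name = " ".join(name.lower().split())  # normalise case and spacing
    reasons = []
    if domain == COMPANY_DOMAIN:
        return reasons  # genuine domain; a hijacked account also lands here
    if 0 < edit_distance(domain, COMPANY_DOMAIN) <= MAX_DISTANCE:
        reasons.append("lookalike domain")
    if name in EXECUTIVES and domain in FREE_MAIL:
        reasons.append("executive name on free email address")
    return reasons


if __name__ == "__main__":
    # Constructed sample headers, not taken from real reports.
    for header in ("Jane Citizen <jane.citizen@example.com.au>",
                   "Jane Citizen <jane.citizen@examp1e.com.au>",
                   "Jane Citizen <jane.citizen.ceo@gmail.com>"):
        print(header, "->", check_sender(header) or "no flag")
```

A flagged message is a prompt to confirm the request by phone or in person, as in the tips above, before any payment is made.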