Fake President fraud: a scam that takes advantage of the teleworking boom

Like ransomware, the fake president fraud has taken advantage of the massive shift to telework caused by the health crisis and has surged again since 2020. While in the case of ransomware, remote access technologies unsuited to telework are to blame, here it is the lack of face-to-face social interaction that is one of the major causes of the increase in this type of scam.

How does a fake president fraud work?

In a fake president fraud, a swindler who has previously researched the target company poses as the CEO or a director and asks the company’s accountant by e-mail to make a bank transfer for a confidential and urgent transaction. The swindler thus impersonates a trusted person, via an e-mail address created for this purpose, and directly addresses the right person (the accountant). Because the task appears urgent, the person contacted will sometimes carry it out without taking the time to think about it; because the operation is presented as confidential, they will not mention it to colleagues and so will not raise any suspicion.

Telework can be seen as one of the causes of the increase in the fake president fraud, as remote exchanges have multiplied, with many employees working from home at least a few days a week. As a result, their guard is down: where a face-to-face discussion with the president or director would previously have been expected for this type of operation, an exchange of e-mails is now common and looks legitimate.

Good practices to prevent them

For companies, the fake president fraud is far from inevitable. Several actions can be taken to drastically limit the risk of such a scam succeeding. First of all, accountants must be made aware of this type of fraud, since they are the ones specifically targeted. Two elements should alert them: the urgent and confidential nature of the operation. In case of doubt, it is recommended to contact the president by phone to validate the operation personally.

However, while this type of verification is feasible in small and medium-sized companies, obtaining a verbal confirmation can be more complicated in a large company. This is where practicing Segregation of Duties (SoD) makes sense. Integrated into Identity Governance and Administration (IGA) solutions such as Systancia Identity, this practice requires two people to carry out certain tasks considered critical.

Since bank transfers are critical for any organization, they must be subject to an SoD mechanism for all non-recurring transfers as well as when a recurring transfer is set up. In this case, the bank transfer entered by the accountant would be subject to electronic validation by an administrator of the company or any other person authorized to validate this type of operation. Thus, if the transfer seems suspicious, it can be investigated and stopped before it is executed.
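The SoD rule described above, as an added example written for this page and not code from Systancia Identity or any IGA product: a one-off transfer, or the set-up of a recurring one, is held until a second, authorized person who is not the requester validates it; later occurrences of an already validated recurring transfer pass straight through. The validator set, user names and amounts are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed sample set of people allowed to give the second approval
# (an assumption for this example, not a real directory or role).
AUTHORIZED_VALIDATORS = {"admin.durand", "cfo.martin"}


@dataclass
class Transfer:
    transfer_id: str
    requested_by: str          # the accountant who enters the transfer
    amount: float
    recurring: bool            # True for a standing/recurring transfer
    setup: bool = False        # True only when a recurring transfer is first created
    approved_by: Optional[str] = None


def requires_sod(t: Transfer) -> bool:
    """SoD applies to every non-recurring transfer and to the set-up of a
    recurring one; subsequent occurrences of a validated recurring transfer
    do not need a second person."""
    return (not t.recurring) or t.setup


def approve(t: Transfer, validator: str) -> str:
    """Record the second-person validation, refusing the two cases that
    would defeat SoD: self-approval and approval by an unauthorized user."""
    if validator == t.requested_by:
        return "refused: requester cannot validate their own transfer"
    if validator not in AUTHORIZED_VALIDATORS:
        return f"refused: {validator} is not an authorized validator"
    t.approved_by = validator
    return "approved"


def decide(t: Transfer) -> str:
    """Say whether the transfer may be released to the bank."""
    if requires_sod(t) and t.approved_by is None:
        return "hold: awaiting validation by a second authorized person"
    return "execute"


if __name__ == "__main__":
    # Constructed case: an 'urgent and confidential' one-off transfer.
    urgent = Transfer("T-1", "accountant.leroy", 48_500.00, recurring=False)
    print(decide(urgent), "|", approve(urgent, "accountant.leroy"))
    print(approve(urgent, "admin.durand"), "|", decide(urgent))
```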

The fake president fraud, like the other main cyber threats, must therefore be integrated into the cybersecurity awareness programs run by organizations. Awareness is the first, and sometimes the only, barrier to cyber attacks when a company does not have adequate cybersecurity solutions for the various threats to its information systems.