According to the FBI, business email compromise scams—also known as “email spoofing”—cost U.S. businesses $747 million between October 2013 and August 2015. More than 7,000 companies fell victim to email spoofing during that time frame, and the frequency and sophistication of these malicious emails is only increasing.
SPYING A SPOOF
Email spoofing is essentially forgery; it’s a message that is sent from one address, but appears to come from another. The most prominent—and costly—scam comes in the form of a fraudulent request for a wire transfer.
The email will appear to come from the organization’s CEO (sometimes with a slightly altered email address, sometimes not) requesting a wire transfer for any number of reasons and providing instructions for where the payment should be directed.
These emails can appear authentic. In fact, often the target recipient has seemingly looped into the tail end of an email chain where top executives have already discussed and approved the transfer among themselves. Such a chain might, for example, appear to be a back-and-forth between the CEO and top executives about an acquisition, with the final message to the accounting department with instructions to conduct a confidential transaction. However, the entire string of emails is phony—all are actually the work of hackers who took the time to do their homework on the organization they’re targeting.
FENDING OFF ATTACKERS
To protect your company from spoofing emails, you’ll need a high-quality spam filter and a strong firewall. Filters can prevent spoofing of an organization’s own domain by blocking emails with that domain name in the “From” field that are sent from outside the organization.
And firewalls can prevent hackers from bypassing spam filters and sending emails directly through your email server. Unfortunately, these methods are not sufficient because most spoof emails are too sophisticated to have the red flags that a spam filter would catch. Plus, many email clients make it far too easy for users to mask their email with another. Therefore, the next critical step is to educate your staff on potential threats.
Train your staff to be highly suspicious of any emails asking for money or personal information. Your employees should be alerted to:
Read email message headers and domain names carefully. Many scammers will use a domain name very similar to the company’s web address. For instance, if your CEO’s email
address is [email protected], they’ll send an email from the address [email protected] (with an extra “s” in ‘business’).
Verify that emails are legitimate. Before replying to an email with sensitive information or taking any financial action on behalf of the company, call or start a separate email dialogue with
the supposed sender to ask whether he or she did, in fact, send the email in question.
Don’t wait until you’ve been victimized—and paid for the experience—to take precautions. Since there is no foolproof method of “blocking” these emails from reaching your inbox, you and your staff are your organization’s best defenses.
Chief Executive Group exists to improve the performance of U.S. CEOs, senior executives and public-company directors, helping you grow your companies, build your communities and strengthen society. Learn more at chiefexecutivegroup.com.
0
1:00 - 5:00 pm
Over 70% of Executives Surveyed Agree: Many Strategic Planning Efforts Lack Systematic Approach Tips for Enhancing Your Strategic Planning Process
Executives expressed frustration with their current strategic planning process. Issues include:
Steve Rutan and Denise Harrison have put together an afternoon workshop that will provide the tools you need to address these concerns. They have worked with hundreds of executives to develop a systematic approach that will enable your team to make better decisions during strategic planning. Steve and Denise will walk you through exercises for prioritizing your lists and steps that will reset and reinvigorate your process. This will be a hands-on workshop that will enable you to think about your business as you use the tools that are being presented. If you are ready for a Strategic Planning tune-up, select this workshop in your registration form. The additional fee of $695 will be added to your total.
2:00 - 5:00 pm
Female leaders face the same issues all leaders do, but they often face additional challenges too. In this peer session, we will facilitate a discussion of best practices and how to overcome common barriers to help women leaders be more effective within and outside their organizations.
Limited space available.
10:30 - 5:00 pm
General’s Retreat at Hermitage Golf Course
Sponsored by UBS
General’s Retreat, built in 1986 with architect Gary Roger Baird, has been voted the “Best Golf Course in Nashville” and is a “must play” when visiting the Nashville, Tennessee area. With the beautiful setting along the Cumberland River, golfers of all capabilities will thoroughly enjoy the golf, scenery and hospitality.
The golf outing fee includes transportation to and from the hotel, greens/cart fees, use of practice facilities, and boxed lunch. The bus will leave the hotel at 10:30 am for a noon shotgun start and return to the hotel after the cocktail reception following the completion of the round.
