Information security

CEO-Fraud

CEO fraud occurs when perpetrators, posing as a manager, instruct team members to make a payment to a fraudster's (typically foreign) account or, for example, to buy "Google Play" or "Apple" gift cards for them.

If gift cards are purchased, the card codes must then be sent to the requester. The instruction is usually sent from a fake email address; however, cases have also been observed in which the operation was carried out from a compromised genuine email account.

The justifications for the payment vary, but it is usually a supposedly urgent and extremely sensitive payment. The attackers know exactly how to exploit a supposedly urgent situation to put pressure on the team member concerned so that he or she makes the payment, bypassing or ignoring any process requirements.

Further information

Rules of conduct

> Ask
If in doubt, ask your manager personally whether the payment should be made, e.g. via a Teams call or telephone call.
Important: ask using a different communication channel and the contact details you already know, not the ones given in the email.

> Check sender address
For unusual transfer orders, always check whether the sender address of the email is correct and whether the payment request really comes from the person who supposedly gave the order.

> Be careful when pressed for time
A clear warning sign is a note in the email that the payment must be made within a short period of time.

> Quality of email
Pay attention to whether the salutation and writing style match your manager's.

> Frequently used subjects
"Are you available?" or "Are you unoccupied?"

> Do not give out any information in the event of unusual contact.
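The rules of conduct above can also be turned into a mail-filter heuristic that flags messages showing the signs described on this page (executive name on an external sender address, a typical opening subject, time pressure, a gift-card request). The following Python script is an added example written for this page, not code from UZH; the organization domain, the executive names and both sample messages are constructed placeholders, and the heuristic is meant to support, not replace, the personal check with the manager.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed organization data (placeholders, not from the page): the organization's own mail
# domains and the normalized display names an attacker would borrow.
ORG_DOMAINS = {"example.org"}
EXECUTIVE_NAMES = {"example manager"}

# Indicators taken from the rules of conduct: time pressure, gift-card requests, typical subjects.
URGENCY_PATTERNS = [r"\burgent\b", r"\basap\b", r"\bwithin the hour\b", r"\bimmediately\b"]
GIFT_CARD_PATTERNS = [r"\bgift cards?\b", r"\bgoogle play\b", r"\bitunes\b", r"\bcard codes?\b"]
KNOWN_SUBJECTS = ["are you available", "are you unoccupied"]

# Constructed sample messages (not real mail): one CEO-fraud attempt, one ordinary message.
SAMPLE_FRAUD = """From: "Prof. Dr. Example Manager" <example.manager@mail-provider.example>
To: team.member@example.org
Subject: Are you available?

Hi, I need you to buy 5 Google Play gift cards for a client today. Send me the codes asap.
This is urgent and confidential, please handle it within the hour.
"""

SAMPLE_LEGIT = """From: "Example Manager" <example.manager@example.org>
To: team.member@example.org
Subject: Meeting notes

Attached are the notes from this morning's meeting. No action needed.
"""


def _normalize(text: str) -> str:
    """Lower-case and collapse punctuation so 'Prof. Dr. Example Manager' matches 'example manager'."""
    return re.sub(r"[^a-z0-9 ]+", " ", text.lower()).strip()


def _body_text(msg) -> str:
    """Return the plain-text body; multipart messages contribute their text/plain parts."""
    if msg.is_multipart():
        parts = [p.get_payload(decode=True) or b"" for p in msg.walk()
                 if p.get_content_type() == "text/plain"]
        return " ".join(p.decode("utf-8", "replace") for p in parts)
    return msg.get_payload()


def score_ceo_fraud(raw_message: str) -> dict:
    """Count the CEO-fraud indicators present in one RFC 822 message and list them."""
    msg = message_from_string(raw_message)
    display_name, address = parseaddr(msg.get("From", ""))
    sender_domain = address.rsplit("@", 1)[-1].lower() if "@" in address else ""
    subject = _normalize(msg.get("Subject", ""))
    body = _body_text(msg).lower()
    findings = []

    # Rule "Check sender address": a known manager's name on a mail from outside the organization.
    if any(name in _normalize(display_name) for name in EXECUTIVE_NAMES) and sender_domain not in ORG_DOMAINS:
        findings.append(f"executive name used with external sender domain: {sender_domain}")

    # Replies quietly redirected to a different domain than the visible sender.
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    if reply_addr and reply_addr.rsplit("@", 1)[-1].lower() != sender_domain:
        findings.append("Reply-To domain differs from sender domain")

    # Rule "Frequently used subjects".
    if any(s in subject for s in KNOWN_SUBJECTS):
        findings.append("typical CEO-fraud opening subject")

    # Rule "Be careful when pressed for time".
    if any(re.search(p, body) for p in URGENCY_PATTERNS):
        findings.append("time pressure in message body")

    # Gift-card or card-code request as described in the introduction.
    if any(re.search(p, body) for p in GIFT_CARD_PATTERNS):
        findings.append("gift card / card code request")

    return {"score": len(findings), "findings": findings, "sender_domain": sender_domain}


if __name__ == "__main__":
    for label, sample in (("fraud", SAMPLE_FRAUD), ("legit", SAMPLE_LEGIT)):
        result = score_ceo_fraud(sample)
        print(label, result["score"], result["findings"])
```

A message scoring two or more indicators is a reasonable candidate for quarantine or a banner reminding the recipient to confirm the request with the manager over a known phone number; a single indicator (for example only an urgent wording) is too common in legitimate mail to act on automatically.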
