This is something that was made aware at my job that I believe is relevant to what we are learning in this program. It addresses social engineering in a high-level strategy by hackers. The security division shared some important notes with good suggestions that can help other companies too. They explain that as technology becomes more advanced, so do the schemes cyber thieves put together. They went on to add that, “One of those is around CEO Fraud. This is where the cyber thief will use sophisticated social engineering tactics to trick employees into wiring funds to fraudulent accounts.” These tactics include receiving a phone call from someone acting as if he/she is part of senior executives.
All, especially large organizations, should be prudent. For example, a cyber thief could also try to use an executive’s email addresses to reach out to an employee asking to transfer large amount of money. Another instance includes an employee received a call from someone pretending to be the CEO of a company asking for money.
As a solution, employees must forward all suspicious emails to the appropriate security team(s). Moreover, it is highly recommended to ask whoever tries to call customer service for their phone number to call them back, then pass that information to a appropriate manager. Chances are hackers will not provide one. Social engineering attack is on the rise, so it is in all companies’ best interests to educate employees proper techniques to minimize the chances of being compromised.
http://www.cio.com/article/3136159/security/how-to-prevent-ceo-fraud.html