While there is always a lot of focus on phishing emails directing users to malicious pages or capturing credentials using cloned websites, a still-very-common scam catches organisations out every day: the ceo impersonation scam.
The aim of these scams is to have an employee – often a new one in the organisation – sent an ‘urgent’ message by a senior member of staff asking them to purchase something on their behalf (because they are in an urgent meeting or similar).
Typically, the purchase will be something that can be used or spent by the attacker but doesn’t have a robust audit trail such as gift tokens or vouchers.
While this attack is unsophisticated, it is still quite successful.
Give this, we’ve created a guide on how to use free Microsoft 365 functionality to alert your users to potential attempts (in addition to an external email banner).
Download the PDF guide here: Simple CEO Phishing Prevention Guide – Seguro