Kansas State University

IT News

Beware of CEO fraud scams

As part of our ongoing efforts to enhance cybersecurity and protect K-State from potential threats, we would like to bring your attention to the issue of CEO fraud, also known as Business Email Compromise (BEC). Cybercriminals may attempt to impersonate senior executives to deceive employees into transferring funds or sensitive information.

These fraudsters target specific employees with personalized emails, usually asking the victim to complete a routine business activity such as paying a bill. They learn as much as possible about their targets and the organization to make the emails convincing, and much of that information comes from public websites and social media. For example, LinkedIn gives them a target's job history, connections with colleagues and even samples of how that person writes.

K-State CEO fraud examples

Frequently, scammers first try to obtain your cell phone number so they can continue the scam by text message or phone call, away from email filters.

CEO fraud is successful because employees may not take the time to examine suspicious executive requests. These requests come with time-sensitive urgency, and employees are eager to comply.

Here are several ways to identify CEO fraud in emails:

  • Check the sender’s email address: Look for slight variations or misspellings in the sender’s email address.
  • Display name spoofing: Be cautious if the display name looks correct, but the email address is not from K-State’s domain.
  • Urgency and pressure: CEO fraud emails often create a sense of urgency or secrecy, pressuring you to act quickly without verifying the request.
  • Unusual requests: Be suspicious of unexpected requests for money, confidential information or gift cards.
  • Language and tone: Look for language that doesn’t match the executive’s usual style, such as poor grammar or unusual phrasing.
  • Check for spoofed email headers: Review the full email headers to verify the email’s origin. Compare the Reply-To and Return-Path with the From address, read the Received chain to see which server actually handed off the message, and look for spf=fail, dkim=fail or dmarc=fail in the Authentication-Results header added by K-State’s mail servers.
  • Look for suspicious attachments or links: Be wary of unexpected attachments. Hover over links to check if the URL looks suspicious or doesn’t match the legitimate domain.
  • Unusual behavior patterns: Question whether the email was received at an unusual time or if the request was out of context.
  • Verification steps: Always verify sensitive requests through a different communication channel, such as calling the executive directly using a phone number you already know, never one supplied in the email.
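As an added illustration (not part of this K-State notice), the Python script below applies several of the checks above to a raw message: a lookalike sender domain, an executive's name on an external address, a Reply-To that diverts replies elsewhere, failed SPF/DKIM/DMARC results, and urgency or payment language. It assumes k-state.edu as the trusted domain and a hypothetical one-entry executive directory; both sample messages are constructed for the example.

```python
"""
Heuristic CEO-fraud (BEC) triage over a raw RFC 5322 message.
Added example; the trusted domain, executive directory and both sample
messages below are assumptions made for the illustration.
"""
import re
from email import policy
from email.parser import BytesParser
from email.utils import parseaddr

TRUSTED_DOMAIN = "k-state.edu"                      # assumption: the institution's mail domain
EXECUTIVES = {"jane doe": "jdoe@k-state.edu"}       # assumption: hypothetical executive directory
URGENCY = re.compile(
    r"\b(urgent(ly)?|immediately|right away|asap|confidential|gift cards?|wire transfer)\b",
    re.I,
)


def edit_distance(a, b):
    """Levenshtein distance; domains are short, so the O(len*len) table is fine."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def domain_of(addr):
    return addr.rpartition("@")[2].lower()


def is_internal(domain):
    return domain == TRUSTED_DOMAIN or domain.endswith("." + TRUSTED_DOMAIN)


def analyze(raw):
    """Return the list of finding tags for one raw message (bytes)."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    findings = []

    name, addr = parseaddr(str(msg.get("From", "")))
    from_domain = domain_of(addr)

    # 1. Lookalike domain: within two edits of ours but not ours (k-stafe.edu, k-state.edu.co).
    if from_domain and not is_internal(from_domain) \
            and edit_distance(from_domain, TRUSTED_DOMAIN) <= 2:
        findings.append("lookalike_domain")

    # 2. Display-name spoofing: an executive's name (or our domain) in the display
    #    name while the real address is external.
    lowered = name.lower()
    if not is_internal(from_domain) and (lowered in EXECUTIVES or TRUSTED_DOMAIN in lowered):
        findings.append("display_name_spoof")

    # 3. Reply-To on a different domain than From silently diverts the reply.
    _, reply = parseaddr(str(msg.get("Reply-To", "")))
    if reply and domain_of(reply) != from_domain:
        findings.append("reply_to_mismatch")

    # 4. Authentication-Results recorded by the receiving MX: any failure is a red flag.
    auth = " ".join(str(h) for h in msg.get_all("Authentication-Results", []))
    if re.search(r"\b(spf|dkim|dmarc)=(fail|softfail|permerror)\b", auth, re.I):
        findings.append("auth_fail")

    # 5. Urgency, secrecy or payment language in the subject or body.
    body = msg.get_body(preferencelist=("plain",))
    text = str(msg.get("Subject", "")) + "\n" + (body.get_content() if body else "")
    if URGENCY.search(text):
        findings.append("urgency_language")

    return findings


# Constructed sample: a CEO-fraud attempt from a lookalike domain.
FRAUD = b"""\
From: Jane Doe <jane.doe@k-stafe.edu>
Reply-To: jane.doe.ksu@freemail.example
To: staff@k-state.edu
Subject: Urgent request
Authentication-Results: mx.k-state.edu; spf=fail smtp.mailfrom=k-stafe.edu; dkim=none; dmarc=fail

Are you at your desk? I need you to pick up gift cards right away and keep this
confidential. Send me your cell number.
"""

# Constructed sample: an ordinary internal message that passes every check.
LEGIT = b"""\
From: Jane Doe <jdoe@k-state.edu>
To: staff@k-state.edu
Subject: Agenda for Thursday
Authentication-Results: mx.k-state.edu; spf=pass smtp.mailfrom=k-state.edu; dkim=pass; dmarc=pass

Attached is the agenda for Thursday's meeting.
"""

if __name__ == "__main__":
    for label, raw in (("fraud", FRAUD), ("legit", LEGIT)):
        print(label, analyze(raw) or ["no findings"])
```

The checks are heuristics for triage, not a verdict: a single finding (an external Reply-To on a vendor's mail, say) is common in legitimate mail, while several at once on a message that asks for money or personal details is the pattern this notice describes and should be verified out of band before anyone acts.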

Report phishing attempts

Send any suspicious emails and original headers to abuse@k-state.edu.
