Person holding frame with someone elses portrait showing identity fraud concepts

Fake Emails and CEO Fraud

Hi Teresa!

In a few minutes, you'll learn the most important things about fake emails and CEO fraud.

Hammer destroying an email envelope depicting email security vulnerabilities

What and Why?

Email has been around for a long time and has many security flaws, like how easy it is to fake the sender's address.

Envelope labeled From SANTA with Christmas tree decorations showing spoofed sender example

What and Why?

The sender decides what the sender address says, which is why scammers often pretend to be someone else in emails.

Anonymous detective figure representing cybercriminals and surveillance

What and Why?

According to the FBI, 24,000 businesses have been cheated of more than $1.6 billion in one year. Secret information, or payment orders, should therefore never be submitted or requested via email.

From: Bill Gates <bill@microsoft.com>

False Senders

There are several ways to forge sender addresses in emails. The sender field typically displays two details: an email address and a sender name. Both the name and the address can be easily faked.

From: Bill Gates <bill@microsoft.com>

To: Teresa <teresa.defreitas@futuraskolan.se>

False Senders

Using a fake sender in an email is as easy as writing a fake return address on an envelope. Neither the postal service nor the internet's many operators can control what sender address someone enters.

From: Bill Gates <mark.smith883@hotmail.com>

False Senders

In the simplest cases, only the sender's name is falsified. These types of fake emails are easy to uncover—just check the sender field in the email to see if the name and address match.

From: Apple Invoice <invoice@app1e.com>

False Senders

An increasingly common tactic is to send fake emails from a domain name that closely resembles an established organization's name.

True or False?

Email addresses cannot be faked.

No, try again!

Thumbs up

Correct!

You're right! Email addresses can easily be faked.

Order Confirmation

From: Amazon Order <diengos79368@hotmail.com>

To: Teresa de Freitas

Amazon corporate logo for brand recognition training

ORDER #2000004863

Thank you for shopping at Amazon. We will handle your order as soon as possible. You will receive an email...

False Senders

Well-known trademarks are often used alongside fake sender addresses to deceive recipients. The goal is to spread a virus or trick you into taking action for the fraudulent sender.

Person holding frame with someone elses portrait depicting impersonation fraud

CEO Fraud

CEO fraud involves criminals sending emails to you or other employees while pretending to be your CEO or another decision-maker. These emails urge you to take actions that could harm your organization.

Urgent!

From: Tom Callahan <tom.callahan@futuraskolan.se>

To: Teresa de Freitas

Hi.

I am on a business trip to Germany and cannot access our internet bank. We need to pay a deposit to our supplier as soon as possible. Please ask the finance department to transfer EUR 35,000 to Deutsche Bank's account 2299-3688881-3156-55?

Confirm as soon as it's done, preferably this afternoon!

Sincerely
Tom Callahan

Sent from my iPhone

CEO Fraud

Sometimes the scammer has gathered considerable knowledge about the organization and its decision-making processes. Combined with well-crafted fake emails, where both the typeface and signature appear legitimate, the scam can be very difficult to detect. Here are a few tips to help you.

Hands holding smartphone for verification calls

CEO Fraud

Call and verify!

If you have any doubts, call the alleged sender to confirm the email's authenticity. Do not rely on any phone numbers provided in the email; instead, find the sender's phone number yourself, such as through an online search or an internal phone list.

Email reply interface showing address verification concept

CEO Fraud

Before replying to a message, you can click on "Reply" without sending it.

This allows you to check the automatically entered recipient address. If it doesn't match the expected address, the scammer may have inserted a fake reply address hoping you won't notice.

Document verification and filing system for fraud prevention

CEO Fraud

Ensure that payment documents, account numbers, and invoices are authentic.

Be especially cautious if the transaction is claimed to be urgent. Scammers often use urgency to create stress and cause carelessness!

Trophy

Congratulations!

Well done! You've now completed the course.

We'll contact you when it's time for the next course. You may now close this window.