Skip to main content

Is That Really a Text from Your CEO... or Is It a Scam?

By
Imagine you’re going about your day when suddenly you receive a text from the CEO. The head of the company is asking for your help. They’re out doing customer visits and someone else dropped the ball in providing gift cards. The CEO needs you to buy six $200 gift cards and text the information right away. The message sender promises to reimburse you before the end of the day. Oh, and by the way, you won’t be able to reach them by phone for the next two hours because they’ll be in meetings. One last thing, this is a high priority. They need those gift cards urgently. Would this kind of request make you pause and wonder? Or would you quickly pull out your credit card to do as the message asked? A surprising number of employees fall for this gift card scam. There are also many variations. Such as your boss being stuck without gas or some other dire situation that only you can help with. This scam can come by text message or via email. What happens is that the unsuspecting employee buys the gift cards. They then send the numbers back. They find out later that the real company CEO wasn’t the one that contacted them. It was a phishing scammer. The employee is out the cash. Without proper training, 32.4% of employees are prone to fall for a phishing scam.

Why Do Employees Fall for Phishing Scams?

Though the circumstances may be odd, many employees fall for this gift card scam. Hackers use social engineering tactics. They manipulate emotions to get the employee to follow through on the request. Some of these social engineering tactics illicit the following: • The employee is afraid of not doing as asked by a superior • The employee jumps at the chance to save the day • The employee doesn’t want to let their company down • The employee may feel they can advance in their career by helping The scam’s message is also crafted in a way to get the employee to act without thinking or checking. It includes a sense of urgency. The CEO needs the gift card details right away. Also, the message notes that the CEO will be out of touch for the next few hours. This decreases the chance the employee will try to contact the real CEO to check the validity of the text.

Illinois Woman Scammed Out of More Than $6,000 from a Fake CEO Email

Variations of this scam are prevalent and can lead to significant financial losses. A company isn’t responsible if an employee falls for a scam and purchases gift cards with their own money. In one example, a woman from Palos Hills, Illinois lost over $6,000. This was after getting an email request from who she thought was her company’s CEO. The woman received an email purporting to be from her boss and company CEO. It stated that her boss wanted to send gift cards to some selected staff that had gone above and beyond. The email ended with “Can you help me purchase some gift cards today?” The boss had a reputation for being great to employees, so the email did not seem out of character. The woman bought the requested gift cards from Target and Best Buy. Then she got another request asking to send a photo of the cards. Again, the wording in the message was very believable and non-threatening. It simply stated, “Can you take a picture, I’m putting this all on a spreadsheet.” The woman ended up purchasing over $6,500 in gift cards that the scammer then stole. When she saw her boss a little while later, her boss knew nothing about the gift card request. The woman realized she was the victim of a scam.

Tips for Avoiding Costly Phishing Scams

Always Double Check Unusual Requests

Despite what a message might say about being unreachable, check in person or by phone anyhow. If you receive any unusual requests or one relating to money, verify it. Contact the person through other means to make sure it's legitimate.

Don’t React Emotionally

Scammers often try to get victims to act before they have time to think. Just a few minutes of sitting back and looking at a message objectively is often all that’s needed to realize it’s a scam. Don’t react emotionally, instead ask if this seems real or is it out of the ordinary.

Get a Second Opinion

Ask a colleague, or better yet, your company’s IT service provider, to take look at the message. Getting a second opinion keeps you from reacting right away. It can save you from making a costly judgment error.

Need Help with Employee Phishing Awareness Training?

Phishing keeps getting more sophisticated all the time. Make sure your employee awareness training is up to date. Give us a call today to schedule a training session to shore up your team’s defenses.

Location: Westlake Village, CA, USA

Comments

Post a Comment

Popular posts from this blog

6 Ways to Prevent Misconfiguration (the Main Cause of Cloud Breaches)

By
Misconfiguration of cloud solutions is often overlooked when companies plan cybersecurity strategies. Cloud apps are typically quick and easy to sign up for. The user often assumes that they don't need to worry about security because it's handled. This is an incorrect assumption because cloud security is a shared model. The provider of the solution handles securing the backend infrastructure. But the user is responsible for configuring security settings in their account properly. The problem with misconfiguration is huge. It’s the number one cause of cloud data breaches. It’s also an unforced error. Misconfiguration means that a company has made a mistake. It hasn't adequately secured its cloud application. Perhaps they gave too many employees administrative privileges. Or, they may have neglected to turn on a security function. One that prevented the downloading of cloud files by an unauthorized user. Misconfiguration covers a wide range of negligent behavior. It a...
Post a Comment
Read more

Cool Windows 11 Features That May Make You Love This OS

By
Microsoft released the Windows 11 operating system (OS) over a year ago. It was largely well-received as stable and user-friendly. The OS is not a large departure from the Windows 10 experience. But it does offer a lot of enhancements over the older environment. Yet with several improvements and a free upgrade for Windows 10 users, it still lags in adoption. As of November 2022, Windows 10 still owns the lion’s share of Windows PCs. It has a 69.75 percent usage share as compared to 16.13 percent for Windows 11. People are slowly upgrading to the newer OS. But it’s natural for some to take a wait-and-see stance. They want to make sure it’s worth the time to upgrade. Additionally, no one wants to have to relearn their computer desktop. The good news is that Windows 11 has a similar workspace feel to its predecessor. But it packs a lot of great productivity and security benefits that Windows 10 lacks. Here are some of the coolest features in this current Windows OS. After taking a look...
Post a Comment
Read more

Smart Tips to Keep Money From Being Stolen Through Online Banking

By
There are a lot of things that have changed since the invention of the internet. One of these is how we bank and access our accounts. You used to have to go into a local bank branch to make deposits and withdrawals. Now, you can take a picture of a check and deposit it from your phone. Approximately 73% of people around the world use some form of online banking at least once a month. People have never had such convenient account access. But that convenience can come at a cost. In 2021, account takeover fraud increased by 90%. New account fraud jumped a whopping 109%. As the ease of online banking has increased, so has banking-related cybercrime. If someone breaches your Facebook account, it can be a real pain. But, if a hacker breaches your bank account, it can be devastating. It can mean significant losses. Losses that you may not be able to recoup from your financial institution. In this article, we’ll take a look at the mistakes people make that leave their accounts at risk. Then...
Post a Comment
Read more