CEO fraud is one of the most financially damaging online crimes. It abuses the fact that so many of us rely on email, both private and in business. Business email fraud scammers are slick. But there are several tips to protect your business from these types of attacks.
1 Check if SPF, DKIM and DMARC are set
Setting up SPF, DKIM and DMARC can prevent spoofed e-mail being sent from your domain name. You can easily check whether the settings are correct with this online tool. The online risk scan on the Eye Security website also performs this check.
2 Train your employees regularly
Simulating incidents is a proven method of unlearning undesirable behaviour and teaching your employees how to recognise fraud. Phishing simulations are part of the Eye package.
3 Use Microsoft 365 or Google Workspace
Cloud solutions such as Microsoft 365 or Google Workspace are better at filtering spam than traditional (on-premise) mail servers. You can often fine-tune cloud solutions to prevent spam. Eye monitors cloud environments 24/7 and is able to temporarily block users in order to repel digital attacks.
4 Spread examples
By showing employees examples of CEO fraud, you make them aware of it and teach them to recognise the signs.
5 Set up strong internal processes
Make good agreements about the transfer of money within your company, for example. Enforce the four-eyes principle when a large amount has to be transferred. In addition, always call a supplier when a change of account number is passed on to check whether it is legitimate.