BDO has been made aware of an increase in the use of a scam that specifically targets company executives. A number of our clients have already been targeted and some have even be caught out.

Fake wire transfer scams as they are known, due to their origin in the USA, are credit transfer requests that involve sending an email request, usually pretending to be from the CEO or a senior executive from yours or another organisation. The scammers will usually send the fake transfer emails to employees working in the finance department of a company, since they will have the ability to action payment requests.

Although these fake transfer request emails are not new, the scammers are becoming more ingenious and have started to target specific individuals. This technique is increasingly common in PLC’s where the executive names and positions are in the public domain and emails may appear to come from other senior executives within your company.

At first glance these can appear to be very genuine since the scammer will sometimes register a similar domain name to yours. For example, if a scammer was targeting an executive at exampledomain.com, they might register the domain exampledoma1n.com or exaampledomain.com. So you might receive an email sent to you at yourname@exampledomain.com from CEO@exaampledomain.com. The scammer hopes that when a recipient replies to the email, they will not notice the slight difference in the domain name and think it’s from a trusted sender.

It is not uncommon for scammers to hide the real email address that they want you to reply to. The real address is often hidden but most email programmes will display the actual address if you place your mouse pointer over the link – but don’t click on it!

Even if you have installed the latest up-to-date security products it is very difficult to stop these kinds of scams from getting through. Scammers will often use new domain names that have only just been registered so they haven’t been blacklisted.

If you do receive a transfer request that seems out of the ordinary, ask yourself is it normal for your CEO to ask you for this kind of request and is the type of language they use similar to what they would normally use?

If you have the slighted doubt, always check that the sender is who they say they are because unfortunately, once a transfer has been initiated by an approved company employee there is very little chance of it being recovered.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.