The “CEO phishing scam”: 11 scammers arrested for tricking employees using the names of their CEOs

Electronic fraud is claiming more and more victims as threat actors adopt new and sophisticated methods. Spain’s National Police arrested 11 people accused of fraud amounting to more than 2.5 million Euros. According to the authorities, the criminals used the Internet to trick companies and individuals in various countries with an attack variant known as “CEO fraud,” which involves misleading an employee with an email apparently sent by their boss into making a bank transfer whose funds end up in the hands of the attackers.

The defendants face charges of fraud, money laundering and organized crime after investigators detected more than 50 bank accounts linked to the group, used to defraud the targeted companies, which were located in countries such as the United States, Italy, the Netherlands, the Czech Republic, China, Lebanon and Kazakhstan.

Authorities began investigating the potential fraud in early 2018, when a National Police unit received several fraud reports, leading to the detection of a well-organized cybercriminal group dedicated to deploying phishing and CEO fraud attacks.

After deceiving users, threat actors collected the money using one of more than 150 bank accounts under their control, as well as employing dozens of intermediaries to hide the fraudulent origin of these resources and further complicate the task of tracking illegal transactions.

According to the National Police, 16 people were identified, one in Palma de Mallorca, one in Maspalomas (Gran Canaria), two in Ibiza and twelve in Valencia. The officers arrested 11 of these people, while the remaining five will face their legal proceedings at large.

The CEO scam is a fraud variant in which attackers build a detailed profile of the potential victim; threat actors typically look for employees with access to the company’s finances and a position from which they can authorize transfers. The target employee receives an email, allegedly sent by their boss, asking them to make a transfer to an external account as payment for services.

Attackers depend on the user not realizing that the email is sent from an apocryphal account, usually one mimicking the company’s legitimate name with slight spelling alterations. This makes it a much more sophisticated and targeted phishing variant, since conventional phishing campaigns rely on mass emailing.
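The “slight spelling alterations” described above are something a mail gateway or SOC script can check for automatically. The following is an added example (not code from the article or from the police investigation) that classifies an inbound From: header against an assumed company domain and an assumed list of executive display names; the domain, names, and sample headers are constructed placeholders.

```python
# Added example: flag lookalike sender domains and display-name spoofing
# on inbound mail. LEGIT_DOMAIN and EXECUTIVES are assumed placeholders.
import re

LEGIT_DOMAIN = "example-corp.com"          # assumed company domain
EXECUTIVES = {"jane doe", "john smith"}    # assumed executive display names

# Visually confusable substitutions commonly used in lookalike domains.
HOMOGLYPHS = {"0": "o", "1": "l", "rn": "m", "vv": "w", "cl": "d"}


def levenshtein(a: str, b: str) -> int:
    """Edit distance between two strings (plain dynamic programming)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def normalize(domain: str) -> str:
    """Fold homoglyphs so 'examp1e-c0rp.com' compares equal to the real domain."""
    d = domain.lower()
    for src, dst in HOMOGLYPHS.items():
        d = d.replace(src, dst)
    return d


def parse_from(header: str):
    """Split a From: header into (display name, sender domain), both lowercased."""
    m = re.match(r'\s*"?([^"<]*?)"?\s*<?([^<>@\s]+)@([^<>\s]+)>?\s*$', header)
    if not m:
        return "", ""
    return m.group(1).strip().lower(), m.group(3).lower()


def classify_sender(from_header: str) -> str:
    """Return 'legitimate', 'lookalike-domain', 'display-name-spoof' or 'external'."""
    name, domain = parse_from(from_header)
    if domain == LEGIT_DOMAIN:
        return "legitimate"
    # A near-miss of the real domain (homoglyphs or 1-2 edits) is the CEO-fraud pattern.
    if normalize(domain) == LEGIT_DOMAIN or levenshtein(domain, LEGIT_DOMAIN) <= 2:
        return "lookalike-domain"
    # An executive's name on an external mailbox is the cheaper display-name variant.
    if name in EXECUTIVES:
        return "display-name-spoof"
    return "external"
```

Messages classified as lookalike-domain or display-name-spoof are candidates for quarantine or a banner, and any payment instruction in them should be verified out of band.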