A targeted attack mimics communication from company CEO to steal funds

 

Over the last weeks, Kaspersky detected a series of sophisticated attack attempts aimed at deceiving an organization’s finance team into paying fraudulent invoices. Emails mimicking correspondence between the organization’s CEO and contractor companies were sent to the organization’s finance department to persuade them into paying urgent “invoices” for alleged “consulting services”. These attack attempts highlight a disturbing trend of targeted schemes leveraging forged executive identities to exploit corporate trust.
The analyzed attack attempts were examples of business email compromise (BEC) attacks. As a rule, such attacks are made on behalf of a management representative of a compromised firm. Importantly, in all analyzed cases the senders were fake – the real addresses from where the emails came had nothing in common with the displayed sender names. These tricks were used to persuade the victims that the emails were legitimate.
Some incidents involved emails that imitated correspondence between the company’s CEO and an alleged contractor law firm, urging the financial department to pay the attached fake invoice. The fake correspondence with the CEO of a victim company was used as “proof” that the request for payment was legitimate. In this attack the name of the fictional partner company was indicated only in the name of the sender field, and a real email address was different and changed from email to email.
Other incidents featured similar emails that mimicked communications between the CEO and contractor companies to request urgent payment for a fake invoice, but this time the invoice itself was not attached.
“This attack stands out for its meticulous attention to detail and exploitation of trusted relationships. By fabricating convincing email threads and impersonating high-level executives, attackers are banking on employees’ reluctance to question seemingly authentic requests. Companies must prioritize employee training and robust email verification systems to counter these evolving threats,” commented Anna Lazaricheva, spam analyst at Kaspersky.
In order to avoid becoming a victim of fraudulent messages and specifically business email compromise attacks, Kaspersky experts advise the following:
• Check the sender’s email address and do not rely on the displayed name of the sender, as actual email addresses may have nothing in common with the companies and people who are displayed to have sent the email.
• Only open emails and click links if you are sure you can trust the sender; make sure that the sender’s address is legitimate.
• When a sender is legitimate, but the content of the message seems strange, it is worth checking with the sender via an alternative means of communication.
• Check the spelling of a website’s URL if you suspect you are faced with a phishing page. The URL may contain mistakes that are hard to spot at first glance, such as a 1 instead of I or 0 instead of O.
• Use a proven cybersecurity solution such as Kaspersky Next and Kaspersky Premium when surfing the web.

Related Posts

Inside FunkSec: Kaspersky explores the evolution of AI-powered ransomware with password-gated capabilities

The domain of deception: Attackers deploy spyware under the guise of legal threats

Thndr Recognized by World Economic Forum as 2025Technology Pioneer The only Egyptian and North African company among the 2025

British Council’s Deep Dialogues Brings Together Delegates from Egypt, Tunisia and Saudi Arabia in Cardiff

Commvault Convenes Egypt’s Cybersecurity Leaders at SHIFT Cairo

Dubai Launches Landmark Initiative Further Enabling First-Time Homeownership

Noise-Free Conversations and Lush Soundscapes: Meet the HUAWEI FreeBuds 6

Raya Electronics Expands Strategic Partnership with Lenovo and Microsoft

آخر الأخبار
تحت رعاية  البنك المركزي المصري افتتاح  أعمال المنتدى السنوي لرؤساء ادارات المخاطر فى البنوك العربية اتصال هاتفي بين وزير الخارجية والهجرة ونظيره النرويجى تعاون استراتيجي بين الهيئة العامة للرعاية الصحية وجامعة عين شمس وزير الكهرباء يتابع إطلاق التيار بمحطة محولات “روافع رشيد 2” بجهد 220/66/11 ك.ف وزير الإسكان: أجهزة المدن الجديدة تواصل ضبط وإزالة وصلات المياه الخلسة وتحصيل المتأخرات "الزراعة" تصدر 677 ترخيص تشغيل جديد لأنشطة ومشروعات الإنتاج الحيواني والداجني «الصحة» تعلن إغلاق 112 منشأة خاصة لعلاج الإدمان بـ5 محافظات وزير الدفاع الهولندي: سنبحث في فرض عقوبات جديدة على روسيا لاستخدامها أسلحة كيميائية في أوكرانيا البيت الأبيض: ترامب سيوقع مشروع قانون الموازنة غدا موعد عرض مسلسل محمد فراج الجديد “كتالوج” رضوى الشربيني توجه رسالة لشيرين عبد الوهاب اغنية كارمن سليمان الجديدة تتصدر التريند موعد مباراة الهلال وفلومينينسي الليلة في كأس العالم للأندية مواعيد مباريات اليوم الجمعة والقنوات الناقلة أسعار العملات في مصر اليوم الجمعة أسعار الدينار الكويتى في مصر اليوم الجمعة أسعار الدولار في مصر اليوم الجمعة أسعار الدواجن والبيض في مصر اليوم الجمعة أسعار الخضار والفاكهة اليوم الجمعة آبل توقف تطوير آيباد القابل للطي وتركز على أول آيفون فولد