Cybersecurity firm Kaspersky has warned of a new wave of targeted email scams by hackers aimed at tricking finance teams into paying fake invoices by impersonating company CEOs.
Over the past few weeks, Kaspersky has detected a series of Business Email Compromise (BEC) attacks where scammers posed as top executives and sent emails to finance departments.
According to the company, the scammers convinced the finance employees to process fake payments for consulting or legal services.
Further, some emails even included fabricated conversations with alleged contractor companies to make the requests appear legitimate.
How Hackers Are Duping Companies
In the recent cases, attackers drafted emails that mimicked ongoing conversations between the targeted company’s CEO and an external contractor.
Additionally, the emails, which were designed to appear urgent and legitimate, requested payment of attached or referenced invoices.
Although the display name appeared to belong to the CEO or partner company, the actual sender’s email address was completely unrelated and often changed between messages.
In some instances, the attackers added a fake back-and-forth thread between the CEO and the “contractor” to make the message appear authentic, while in others, they issued payment instructions without attachments.
“This attack stands out for its meticulous attention to detail and exploitation of trusted relationships. By fabricating convincing email threads and impersonating high-level executives, attackers are banking on employees’ reluctance to question seemingly authentic requests,” a spam analyst at Kaspersky, Anna Lazaricheva, said.
Moreover, unlike other cyberattacks, BEC does not rely on malware, making it harder to detect with traditional antivirus software.
How Businesses Can Stay Protected
Organisations have been warned to verify email addresses and avoid relying only on the display name.
“Always inspect the full email address,” noted Kaspersky.
Also, organisations should double-check unusual requests, even if an email looks like it’s from a company executive, and confirm the request through a separate communication channel such as a phone call or messaging app.
Furthermore, the cybersecurity firm urged businesses to watch for clues such as fake URLs, unusual formatting and urgent tones, all of which are red flags.
“Train employees regularly. Ensure teams are aware of how these scams work and how to respond,” it noted.
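The two signals described above, a display name that claims to be an executive while the real address sits on an unrelated domain, and a sender address that changes from message to message, can be checked mechanically before a finance inbox ever relies on the display name. The following is an added illustration, not Kaspersky's tooling; the executive list, the trusted domain and the From: headers are constructed sample values.

```python
from email.utils import parseaddr

# Constructed sample data (assumptions, not from the report): executives whose
# names are worth protecting, and the organisation's legitimate sending domains.
EXECUTIVES = {"jane doe": "ceo"}
TRUSTED_DOMAINS = {"example.com"}

# Constructed From: headers from one fabricated "thread" of the kind described above.
SAMPLE_FROM_HEADERS = [
    '"Jane Doe" <jane.doe@example.com>',             # genuine: executive name, company domain
    '"Jane Doe" <j.doe.office@mail-relay-xyz.net>',  # same display name, unrelated domain
    '"Jane Doe" <ceo.approvals@another-host.org>',   # same display name, address changed again
]

def display_name_mismatch(from_header):
    """True when the display name is a known executive but the actual
    address is outside the organisation's trusted domains."""
    name, addr = parseaddr(from_header)
    domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    claims_executive = name.strip().lower() in EXECUTIVES
    return claims_executive and domain not in TRUSTED_DOMAINS

def sender_churn(from_headers):
    """Map each display name to the distinct addresses used under it,
    keeping only names that appear with more than one address: the
    'address changes between messages' signal from the report."""
    seen = {}
    for hdr in from_headers:
        name, addr = parseaddr(hdr)
        seen.setdefault(name.strip().lower(), set()).add(addr.lower())
    return {n: addrs for n, addrs in seen.items() if len(addrs) > 1}

def flag_thread(from_headers):
    """Return (headers with a name/domain mismatch, display names with churn)."""
    flagged = [h for h in from_headers if display_name_mismatch(h)]
    return flagged, sender_churn(from_headers)

if __name__ == "__main__":
    flagged, churn = flag_thread(SAMPLE_FROM_HEADERS)
    for h in flagged:
        print("MISMATCH:", h)
    for name, addrs in churn.items():
        print(f"CHURN for {name!r}: {sorted(addrs)}")
```

The same check is what the "always inspect the full email address" advice amounts to when a mail gateway or a rule in the finance team's mailbox performs it automatically.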