{"id":1,"date":"2022-08-02T09:30:00","date_gmt":"2022-08-02T07:30:00","guid":{"rendered":"https:\/\/10.255.230.130\/?p=1"},"modified":"2022-08-09T17:59:54","modified_gmt":"2022-08-09T15:59:54","slug":"cybersecurity-tips-ceofraud","status":"publish","type":"post","link":"https:\/\/www.edificom.ch\/en\/cybersecurity-2\/cybersecurity-tips-ceofraud\/","title":{"rendered":"Cybersecurity <br\/>\u26a0\ufe0f CEO Fraud"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n<section class=\"text\">\n      <h2 class=\"text__title\">Essential tips<\/h2>\n    <div class=\"text__wrapper \">\n          <h2>The CEO Fraud<\/h2>\n<p>The attack called the CEO Fraud is more and more frequent due to the increase in teams working remotely from their homes. Here are some recommendations to avoid this type of threat.<\/p>\n<p><strong>\ud83d\udc68\u200d\ud83d\udcbb\ud83d\udc69\ud83c\udffb\u200d\ud83d\udcbb Awareness is the best defense. <\/strong>Your network suppliers may take all the necessary security measures to reduce these attacks. However, these are not sufficient to protect users who don\u2019t know how to recognize a\u00a0threat. Their growing ingenuity can trick even the most experienced users. The best protection is a secure IT setup as well as an\u00a0informed user.<\/p>\n<h4><\/h4>\n<h4>\ud83e\udd16 Cybersecurity tips 101<\/h4>\n<p>The Swiss government <span style=\"text-decoration: underline;\"><strong>National Cyber Security Center<\/strong><\/span> (NCSC) defined the <span style=\"text-decoration: underline;\"><strong><a href=\"https:\/\/www.ncsc.admin.ch\/ncsc\/en\/home\/cyberbedrohungen\/ceo-betrug.html\">CEO Fraud<\/a><\/strong><\/span> as an attack &#8220;when perpetrators instruct the accounting or finance department in the name of the CEO to make a payment to the (typically foreign) account of the scammers&#8221;<\/p>\n<p>&nbsp;<\/p>\n<p><strong>The characteristics of these attacks:<\/strong><\/p>\n<ul>\n<li>Use of a<strong> fake email address<\/strong> or a hacked existing address.<\/li>\n<li>Concerns an <strong>urgent money transfer<\/strong> or payment.<\/li>\n<li>Feeling of <strong>pressure<\/strong> or urgent situation.<\/li>\n<li>Other <strong>fake &#8220;experts&#8221;<\/strong> can be involved (consultants, lawyers&#8230;)<\/li>\n<li>Attackers are very <strong>informed about the company<\/strong> and its employees thanks to social media (LinkedIn) or even phone calls.<\/li>\n<li>Using the <strong>company letterhead,<\/strong> referring to <strong>real projects<\/strong>, hacking employee accounts, several email exchanges are some of the tactics used to gain the employee&#8217;s trust.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><strong>What you can do<\/strong><\/p>\n<p>It is important to remember that it is almost impossible to prevent fraudulent emails of this kind from being sent. Basic <span style=\"text-decoration: underline;\"><strong><a href=\"https:\/\/www.ncsc.admin.ch\/ncsc\/en\/home\/cyberbedrohungen\/ceo-betrug.html\">NCSC<\/a><\/strong><\/span> recommendations are:<\/p>\n<ul>\n<li><strong>Raise employees awareness<\/strong> about these kind of frauds. Specific training should be given to people in key positions.<\/li>\n<li><strong>Do not give out information<\/strong> to unusual or dubious contacts, and do not follow any instructions in such cases even if under pressure.<\/li>\n<li>All companies should <strong>check what information<\/strong> about the company is available online.<\/li>\n<li><strong>Procedures should be defined<\/strong> that all employees have to follow at all times, specifically concerning payments. The NCSC recommends requiring collective signatures for money transfers.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><strong>If you are a victim of the CEO Fraud<\/strong><\/p>\n<p>\u2713 If you made a payment, <strong>immediately contact the bank<\/strong> through which you made it. They may still be able to stop it.<\/p>\n<p>\u2713 <strong>Contact the cantonal police<\/strong> responsible for your place of business and file a criminal complaint.<\/p>\n<p>\u2713 If a request seems unusual, <strong>verify internally<\/strong> that the order is correct. Whether it be with your superior, HR, IT or the chairman himself\/herself. Double check internal procedures.<\/p>\n<p>&nbsp;<\/p>\n<p><strong>A few resources for more information<\/strong><br \/>\nStay up to date on the habits to develop for safe online surfing with these excellent resources.<\/p>\n<ul>\n<li>More information about <span style=\"text-decoration: underline;\"><strong><a href=\"https:\/\/www.ncsc.admin.ch\/ncsc\/en\/home\/cyberbedrohungen\/ceo-betrug.html\">CEO Fraud<\/a><\/strong><\/span> from the National Cyber Security Center and the <span style=\"text-decoration: underline;\"><strong><a href=\"https:\/\/www.skppsc.ch\/fr\/larnaque-au-president-en-quatre-etapes\/\">Swiss Criminality Prevention<\/a><\/strong><\/span> website (in French)<\/li>\n<li><span style=\"text-decoration: underline;\"><strong><a href=\"https:\/\/www.ge.ch\/dossier\/entreprises-numerique\/cadre-legal\/formation-ligne-gratuite-mieux-proteger-vos-donnees\">Online training<\/a><\/strong><\/span> to learn how to better protect your data (free and in French) from the Canton of Geneva<\/li>\n<\/ul>\n      <\/div>\n<\/section>\n\n<section class=\"feed\">\n  <h2 class=\"feed__title\"><\/h2>\n  <div class=\"feed__list\">\n    <? if ($type) : ?>\n      <? while( have_rows('feed_posts') ) : the_row();\n        $iframe = get_sub_field('feed_posts_item'); ?>\n        <div class=\"feed__list__item\">\n                  <\/div>\n      <? endwhile; ?>\n    <? else : ?>\n      <? foreach( $articles as $post ) : \n        $date = get_the_date('d F Y');\n        $excerpt = get_the_excerpt($post->ID);\n        $thumbnail = get_the_post_thumbnail_url($post->ID);\n        $link = get_permalink($post->ID);\n        ?>\n\t\t\t\t<article class=\"article-card\">\n          <span class=\"article-card__date\"><\/span>\n          <p class=\"article-card__excerpt\"><\/p>\n          <a href=\"\" class=\"article-card__image\">\n            <img decoding=\"async\" src=\"\" \/>\n            <svg width=\"50px\" height=\"50px\" viewBox=\"0 0 50 50\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\">\n              <g id=\"Symbols\" stroke=\"none\" stroke-width=\"1\" fill=\"none\" fill-rule=\"evenodd\">\n                <g id=\"news\" transform=\"translate(-165.000000, -223.000000)\">\n                  <g id=\"btn\" transform=\"translate(165.000000, 223.000000)\">\n                    <circle id=\"Oval\" fill=\"#001400\" cx=\"25\" cy=\"25\" r=\"25\"><\/circle>\n                    <g id=\"Group-5\" transform=\"translate(18.000000, 18.000000)\" fill=\"#FFFFFF\">\n                      <path d=\"M7,0 C7.30927946,-5.68137151e-17 7.56,0.25072054 7.56,0.56 L7.56,6.44 L13.44,6.44 C13.7492795,6.44 14,6.69072054 14,7 C14,7.30927946 13.7492795,7.56 13.44,7.56 L7.56,7.56 L7.56,13.44 C7.56,13.7492795 7.30927946,14 7,14 C6.69072054,14 6.44,13.7492795 6.44,13.44 L6.44,7.56 L0.56,7.56 C0.25072054,7.56 -4.97379915e-14,7.30927946 -4.97379915e-14,7 C-4.97379915e-14,6.69072054 0.25072054,6.44 0.56,6.44 L6.44,6.44 L6.44,0.56 C6.44,0.25072054 6.69072054,5.68137151e-17 7,0 Z\" id=\"Combined-Shape\"><\/path>\n                    <\/g>\n                  <\/g>\n                <\/g>\n              <\/g>\n            <\/svg>\n          <\/a>\n        <\/article>\n\t\t\t<? endforeach;\n    endif; ?>\n  <\/div>\n  <a class=\"feed__more\" href=\"https:\/\/www.edificom.ch\/en\/?page_id=423\" target=\"\">Voir plus<\/a>\n<\/section>","protected":false},"excerpt":{"rendered":"<p>The attack in question is called the CEO-fraud\u00a0and it is more and more frequent due to the increase in teams working remotely from their homes&#8230;<\/p>\n","protected":false},"author":1,"featured_media":1702,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[18],"tags":[],"class_list":["post-1","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-2"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.edificom.ch\/en\/wp-json\/wp\/v2\/posts\/1","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.edificom.ch\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.edificom.ch\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.edificom.ch\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.edificom.ch\/en\/wp-json\/wp\/v2\/comments?post=1"}],"version-history":[{"count":64,"href":"https:\/\/www.edificom.ch\/en\/wp-json\/wp\/v2\/posts\/1\/revisions"}],"predecessor-version":[{"id":2225,"href":"https:\/\/www.edificom.ch\/en\/wp-json\/wp\/v2\/posts\/1\/revisions\/2225"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.edificom.ch\/en\/wp-json\/wp\/v2\/media\/1702"}],"wp:attachment":[{"href":"https:\/\/www.edificom.ch\/en\/wp-json\/wp\/v2\/media?parent=1"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.edificom.ch\/en\/wp-json\/wp\/v2\/categories?post=1"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.edificom.ch\/en\/wp-json\/wp\/v2\/tags?post=1"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}