Analysis

Fraud warning: increase in “Fake President” frauds

We wish to draw the attention of our clients and suppliers to a wave of frauds affecting many companies at the moment. The current most frequently used fraud is called “Fake President Frauds”. We recommend our clients and suppliers to stay vigilant.

How the fraud works

By using a fake identity, this scam consists in convincing the employee of a company to make an emergency bank transfer to a third party, in order to obey an alleged order of a leader under the pretext of a debt to pay, a provision in contract or a deposit, for instance.

These type of frauds are created by well organised criminal organisations with a complete knowledge regarding the market, structure and customers of the companies they are attacking. This knowledge is used to give them all necessary arguments to convince their victim and act in the wanted direction.

Typical Scenario

1. Establish contact

The fraudsters impersonate a group executive (e.g. the president, CEO, CFO) or a trusted partner (e.g. lawyers, notaries, auditors, accountants etc.) of the company. They contact a specific employee’s company by reaching a manager, an accounts payable clerk or any other employee they think useful to achieve their imposture.

The contact may be established by phone calls (imitating the voice) or emails (imitating the email address).

 

2. Urgent and exceptional request

The fraudsters request an urgent bank transfer of a large amount to a foreign bank account.

 

3. Persuasive dialog

To be convincing, the fraudster will use a combination of the following elements:

  • Use of authority: It is an order to do this
  • Secrecy: This project is still secret and its success depends on this transaction
  • Valorization: I count on you for your efficiency and discretion
  • Pressure: The success of the project rests on your shoulders
 

4. Transfer order

Being unsuspicious, the bank transfer will be done manually (using a direct phone call or fax to a bank).

This manual bank transfer does not follow the standard procedure but may effectively be used by companies in urgency cases or for flexibility reasons as an alternative to the standard procedure.

How to prevent

  • Inform internally that this type of fraud is currently active on the market
  • Respect standard working procedures
  • Verify the legitimacy of the request by calling back the person using the contact information stored in your contact and not the one given during the call or within the email
  • Be vigilant to any urgent or confidential request not respecting the standard working procedure
  • Be aware of any unusual bank transfer request (high amounts to an unknown or foreign account, to a country where the company has no market relations)
  • Follow your intuition: if you have any doubt, it is better to take time and check

How to react

  • Do not complete the requested action until it will have been identified as a valid request
  • Inform your superior for further internal action
  • Contact your Deloitte contact point in case of any unusual request coming from or referring to a supposed Deloitte employee or a supposed Deloitte trusted partner. 

Example emails

In English

From: Client CEO

To: Client Financial manager

Subject: Dossier CEO/55265

 

Good Morning,

I inform you that I am treating with the help of Maître Man Ager from Deloitte cabinet a confidential financial operation that must be finalized today.

Therefore, I instruct you to make the payment of the first deposit for this operation and ask you to immediately contact our law firm by e-mail man.ager-deloitte@consultant.com so that they transmit you the bank details of the international contact to whom the payment of 469 580 €. Must be done.

Include in your message the reference DOSSIER CEO/55265.

I mandated Maître Ager to give you some explanation concerning this operation and especially to inform you about of the privacy of this matter, and I insist that you must be the only person to be aware at the moment until the official announcement to be held very soon.

I count on your responsiveness because the cabinet should make his report to me on the evolution of the dossier to which I attached special importance.

Upon receipt of bank details, please let me know by return mail.

Have you been contacted by Maître Ager?

 

Best Regards,

 

 

In French

De: Client CEO
A : Client Financial manager
Objet : Dossier CEO/55265

 

Bonjour,

 

Je vous informe que je traite actuellement avec l’aide de Maître Man Ager du cabinet DELOITTE, une opération financière confidentielle qui doit être finalisée aujourd'hui.

Je vous charge donc d’effectuer le paiement du premier acompte de celle-ci et vous prie de prendre contact immédiatement avec notre cabinet juridique par mail man.ager-deloitte@consultant.com, afin qu'il vous transfère les coordonnées bancaires du correspondant international à qui nous effectuerons ce paiement d'un montant 469 580 €.

Indiquez dans votre message la référence DOSSIER CEO/55265.

J’ai mandaté Maître Ager pour qu’il vous donne quelques explications concernant cette opération et surtout qu’il vous informe sur la confidentialité de ce dossier, et j’insiste pour que vous soyez la seule personne au courant pour le moment, jusqu'à l’annonce officielle qui aura lieu très prochainement.

 Je compte sur votre réactivité car le cabinet doit me rendre compte de l’évolution de ce dossier auquel je tiens tout particulièrement.

Dés réception des coordonnées bancaires veuillez m'en informer par retour de mail.

Avez vous été contacté par Maître Ager ?

 

Cordialement

Did you find this useful?