German company Leoni victim of CEO fraud

The German wire manufacturer and automotive supplier Leoni AG, seated in Nuremberg, has announced that "it had become the victim of fraudulent activity with the help of falsified documents and identities and the use of electronic communication channels". The criminals targeted a subsidiary of Leoni in Romania. They asked for the payment of EUR 40 million by sending emails to an employee of the Romanian subsidiary's finance department pretending to originate from the CFO in Germany. As a result, company funds were transferred to a bank account in the Czech Republic. Leoni declared that it had immediately launched an in-house investigation, was assessing damage and insurance claims and had reported the incident to the police.

The number of business email compromise attacks is continuously increasing. Like Leoni even huge corporations have fallen foul of such attacks. Since such incidents usually cause large financial losses for the injured companies, there is a strong need to raise the awareness of employees for CEO fraud attacks. Not only is it necessary to install binding processes for money transactions (i.e. no payment without unequivocal confirmation of the alleged initiator) and to monitor compliance with these rules, but the whole staff, particularly employees that are authorized to trigger large payments, need to be informed about CEO fraud cases. Usually the criminals use inside information for their email scams to appear more convincing and to trick its recipient into believing it is a genuine request for payment. Criminals profit from physical distance and hierarchical organization in worldwide corporate structures as well as from employee's obedience to authority and their inhibition to double check a request coming from an alleged CEO asking for a transaction at "very short notice" and in a "highly confidential and important issue". Often it does not take the criminals more than a few emails (and probably some phone calls) to convince the employee to transfer several million Euros to unknown bank accounts abroad.

If the damage has happened already, quick action is required as the criminals monitor their bank accounts frequently and forward incoming money quite soon – mostly to bank accounts in emerging countries and tax havens with discrete banking system. In case there is still money in the recipient account, the receiving bank's Anti-Money-Laundering-Officer needs to be contacted immediately and asked to freeze the account to stop further transactions as well as to make a suspicious transaction report to the competent national authorities. Furthermore, the offence should be reported to the national police or prosecuting authorities in the country where the offence was committed as well as in the state of the receiving bank. When the injured company or its lawyers, the receiving bank and the national authorities cooperate quickly and effectively, there is a good chance to receive the money back. However, the best measure against CEO fraud is prevention: the implementation of binding processes for money transactions and training the staff.