The RCMP in Carmacks, Haines Junction, Watson Lake and Lower Post have been advised of fraudulent e-mails circulating where a scammer passes themselves off as the boss of a local business.
The latest report is from an employee advises she assumed the e-mail instruction request from her boss to be credible when he asked her to go out and purchase $800 worth of Google Play cards in $100 denominations. In the email, the boss (scammer) claims to be too busy to make the purchase himself and instructs the employee to scratch the redemption codes on the back of the four cards and send the photos to a different e-mail address.
The employee contacted her boss to confirm he received the photos, only to learn that the e-mail was fraudulent.
Unfortunately, the scam, known as the “CEO Scam”, is not new and appears to have made its way into our communities according to the Yukon RCMP.
In a typical “CEO Scam”, fraudsters gain access to the e-mail account of an executive or supervisor, likely from accessing an online email directory from an organization’s website. They target employees who have the authority to access and move money. Fraudsters send realistic-looking e-mails, requesting urgent wire transfers or gift card purchases for what appears to be a legitimate business or personal reasons, such as ‘securing an important contract’, or ‘a confidential transaction’.
They often send the targeted fraudulent e-mail when executives are travelling (accessing public Wi-Fi) or are otherwise difficult to reach.
Believing that the request is real, the employee transfers the money—only to find out upon the boss’s return or through other correspondence that the e-mail was a scam and the money is gone.
Losses to this type of scam can range from hundreds to tens of thousands of dollars. The fake “CEO Scam” is a growing threat to businesses and organizations of all sizes the RCMP says.
Below are tips to help protect yourself and your business against such a scam:
- Ensure your computer systems are secure.
- keep antivirus software up to date, and encourage all employees to use strong passwords to protect their email accounts from hackers.
- Take a careful look at the sender’s e-mail address. It may be very similar to the real one, with only one or two letters being different. Double-check with executives when they send wire transfer requests by e-mail, even when they look legitimate.
- Don’t use the contact information provided in the message and don’t reply to the e-mail. Establish a standard process that requires multiple approvals for money transfers.
- Limit the amount of employee information available online and on social media. Fraudsters use it to find potential victims and time their targeted fraud.
If you are a victim of fraud or suspect you have been scammed, report it to your local police, and the Canadian Anti-Fraud Centre by going to their website (www.antifraudcentre-centreantifraude.ca) or by calling 1-888-495-8501