Cisco's midyear report showed that CEO fraud netted cybercrime five times more money than ransomware 1 over the last three years. CEO fraud is a scam in which cybercriminals spoof company e-mail accounts and impersonate executives to try and fool an employee in accounting or HR into executing unauthorized wire transfers, or sending out confidential tax information.
The FBI calls this type of scam "business e-mail compromise" and defines BEC as "a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The scam is carried out by compromising legitimate business e-mail accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds."
In the time period from January 2015 to June 2016, the FBI reported a 1,300% rise in losses from this type of fraud. Most victims are in the United States (all 50 states), but companies in 100 other countries have also reported incidents. While the fraudulent transfers have been sent to 79 countries, most end up in China and Hong Kong. Unless the fraud is spotted within 24 hours, the chances of recovery are small.