Skip to content

B.C. employee falls victim to ‘CEO scam,’ buys $500 in iTunes money for boss

The employee assumed an email came from her supervisor back in September, asking her to go out and purchase $500 in iTunes gift cards.
13896262_web1_iTunesCards

A clerical employee at a government agency in the Lower Mainland was duped into buying $500 in gift cards recently. RCMP are now issuing a warning about the notorious “CEO scam.”

North Vancouver RCMP said Tuesday that the employee received an email from her supervisor back in September, asking her to go out and purchase $500 in iTunes gift cards.

The supervisor claimed he was in a lengthy meeting, too busy to do this himself, and for her to forward the iTunes card details back to him, police said.

But after sending her supervisor the information – only to be asked again shortly after – the employee became suspicious.

Turns out it wasn’t her supervisor behind those emails after all – a known dupe that police have coined the CEO scam. In a typical scam of this kind, fraudsters gain access to email accounts of an executive or supervisor and target employees with the authority to access and move money, police said.

“Fraudsters send realistic-looking emails, requesting urgent wire transfers or gift card purchases for what appear to be legitimate business or personal reasons, such as securing an important contract, or a confidential transaction,” North Vancouver RCMP said.

Losses to this type of scam can range from hundreds to tens of thousands of dollars.

North Vancouver RCMP suggest a number of ways business owners can protect themselves against such scams:

  • Ensure your computer systems are secure, keep anti virus software up to date, and encourage all employees to use strong passwords to protect their email accounts from hackers.
  • Take a careful look at the sender’s e-mail address. It may be very similar to the real one, with only one or two letters being different.
  • Double-check with executives when they send wire transfer requests by e-mail, even when they look legitimate. Don’t use the contact information provided in the message and don’t reply to the e-mail.
  • Establish a standard process that requires multiple approvals for money transfers.
  • Limit the amount of employee information available online and on social media. Fraudsters use it to find potential victims and time their targeted fraud.


@ashwadhwani
ashley.wadhwani@bpdigital.ca

Like us on Facebook and follow us on Twitter.



About the Author: Ashley Wadhwani-Smith

I began my journalistic journey at Black Press Media as a community reporter in my hometown of Maple Ridge, B.C.
Read more