Social Engineering Attacks Against CFOs


Threat Report


Business executives of small and medium sized firms all over Australia are being targeted by sophisticated social engineers that attempt to defraud them with fake invoices. In this report, we present an advanced attacker group that successfully defrauded numerous small businesses in Melbourne, Sydney and Brisbane in Australia.

We have labelled this group “FRAUDSTERS-1”, and this report presents their attack techniques and offers recommendations that companies can implement to protect themselves.

Fraud Operation Overview


FRAUDSTERS-1 compromises the email servers of business advisory companies located outside of Australia and uses their domain names to send emails to Chief Financial Officers (CFOs) pretending to be the Chief Executive Officer (CEO).

The English language and grammar in their emails is flawless, and they employ numerous social engineering techniques such as calibrated questions, “no” questions, labels, and pretexting. Any successful attack results in deceiving the CFO into wiring funds to money-mules located in South East Asian countries such as Malaysia, Hong Kong and Vietnam.

Download the full report >