A CEO said that his controller had just received an email, ostensibly from him, asking her to process an urgent outgoing payment.
Everything about the letter looked legit.
“It has my display name, spelled correctly,” said Kevin O’Brien, co-founder and CEO at Belmont, Mass.-based GreatHorn. “There are no attachments. There’s nothing in the email that’s misspelled. My signature line was copied from my real emails.”
The text of the email was totally something that a CEO might say.
“Hi Caitlin,” the message said, addressing the company’s controller, Caitlin McLaughlin. “Are you available to process an outgoing payment today? Let me know and I will send the payment details as soon as I receive it from the consultant shortly; I am traveling and this is urgent.”