These are the stocks posting the largest moves before the bell.Market Insiderread more
Despite a disappointing earnings report, Wall Street analysts are sticking by the stock and looking ahead to the third quarter.Marketsread more
Treasury Secretary Steven Mnuchin says if the call goes well, he would expect in-person meetings to take place.Marketsread more
Netflix shares are cratering after it missed Wall Street's target for international subscriber growth.Investingread more
Billionaire hedge fund manager Ray Dalio just picked gold as a prime long-term opportunity. Here's why one market watcher says he could be wrong.Trading Nationread more
Philip Morris International beat second-quarter earnings and revenue estimates while hiking its full-year forecast as its new tobacco products gain momentum.Health and Scienceread more
Toys R Us is opening two permanent stores in November — at Simon Property Group's Galleria mall in Houston and at Unibail-Rodamco-Westfield's Garden State Plaza mall in...Retailread more
Warren wants to make private equity firms responsible for debts and pension obligations of companies they buy and change executive compensation rules to ensure that bankers...2020 Electionsread more
Netflix blamed its content slate, regional price increases and a 'pull-forward effect' of its strong Q1 growth for the miss.Technologyread more
Revenue of $10.24 billion exceeded the consensus estimate by almost $250 million.Financeread more
The pace of companies moving production out of China is accelerating, according to the Nikkei Asian review.Marketsread more
When the big boss says "jump," generally employees say "how high." Now, a new cyberscam is capitalizing on that mentality to fool its victims.
"[It's] the perfect storm for this type of fraud to happen,” said Tom Kemp, CEO of Centrify, a Santa Clara, California-based cybersecurity company.
It’s known as business email compromise or CEO fraud. The fraudsters send an email that looks all too real requesting a wire transfer or personal information on employees. Thinking they’re helping the boss, employees comply.
According to the FBI, the incidents of the scam increased 270 percent in the first four months of 2016. From October 2013 through February 2016, law enforcement received reports from 17,642 victims, amounting to $2.3 billion lost.
Cybersecurity company Centrify was almost one of those victims.
“I came into the office one day and I sit near the accounting department, and someone said, 'Hey we're working on that wire transfer you requested.' I'm like 'What are you talking about? I didn't request a wire transfer,'” Kemp said.
A member of his accounting department received an email chain that seemed to come from Kemp and Centrify’s CFO, Tim Steinkopf, requesting a wire transfer for more than $357,000.
“It just looked like normal business communication. Then we stared at the email and then we noticed that the 'i' and the 'f' were flipped around,” he said.
The swindlers had created a domain that looked just like Centrify’s and had likely also done sophisticated research.
“We were shocked at the level of sophistication that they would create a fraudulent domain that looked like our domain and also were able to research who's who in our accounting department and try to figure out who could actually initiate a wire transfer.” Kemp said.
While the Centrify team researched what was going on, emails kept coming in from the fake executive.
“The crook was actually communicating with us in real time, trying to nudge us along to actually initiate the wire transfer,” said Kemp.
Centrify tried to track down the criminals and called the company Vistaprint, which had registered the look-alike domain.
"They admitted that morning that 60 other look-alike domains were created. These domain registration companies, they really don't require any information or any credit card information to set up a domain, at least first 30 days,” Kemp said.
“Each domain registration goes through various fraud and credit card checks to ensure payment is verified. ... The email address being used is also run through a variety of proprietary checks to flag potential fraud. ... This is unfortunately an issue that all domain providers face. ... Every single complaint about the misuse of a domain is investigated,” said Alfredo Ramos, Vistaprint’s head of digital products, in an email statement.
To prevent being a victim, companies need to educate their employees about business email being compromised.
If something looks off, make a phone call to confirm, even if it means calling the CEO.
"I've told the people here at Centrify that I will never ever send an email asking for a wire transfer or to send personal identifiable information to me. ... So anytime you get a request from someone with an email address of email@example.com don't believe it. If need be, pick up the phone and actually call me," Kemp said.
He also suggests that companies have a separation between who can initiate and who can approve a wire transfer.
The FBI advises using multifactor authentication, which requires two ways of identifying yourself when signing into an account, such as a password and a code sent to your cellphone.
"You really need to step up your game in terms of making sure that you don't have this occur to yourself and your companies," Kemp said.