In the ongoing Caritas embezzlement scandal, investigators are currently focusing on the possibility that the non-profit was targeted by an executive phishing scheme, commonly known as a CEO scam.
In these scams, criminals collect information about their targets, including email addresses and phone numbers, and use this data to create convincing scenarios that deceive victims into making fraudulent bank transfers.
The Luxembourg House of Cybersecurity (LHC) has noted that CEO scams are "fairly widespread" in Luxembourg. The state agency revealed that it records approximately 1 to 2 cases per month, based on official reports received over recent years.
The LHC also indicated that half of these scams are detected in time, helping to mitigate the potential damage. This type of scam has been prevalent for about a decade, and the LHC regularly informs businesses about its risks. One of several avenues being explored by investigators in the recent Caritas scandal is the possibility of it being the result of such a scam – as alleged by the principal suspect.
According to the LHC, the root cause of these scams is often human error, making them challenging to completely prevent. The agency advises employees to remain vigilant and scrutinise any "emergencies or situations where they are under pressure."
While the LHC does not have detailed information about the perpetrators, it notes that scammers typically target large enterprises with complex organisational structures. Such companies, with many employees who may not all know each other, provide opportunities for scammers to intercept communications. International companies, particularly those with operations in multiple countries, are common targets. However, smaller businesses, including small trusts, can also be affected. A prevalent scam technique involves intercepting and altering invoices to redirect funds to accounts controlled by the criminals.
The LHC, along with its two centres—the Computer Incident Response Center Luxembourg (CIRCL) and the Luxembourg National Cybersecurity Competence Center (NC3)—is available around the clock to assist with protecting against attacks and responding to intrusions.
Their services are provided free of charge, and they can be reached via hotline at 247 88444.
