CEO Fraud Response Checklist

1. Contact your bank

• Give them full details of the amount of wire transfer, the account destination and other details
• Recall the transfer if possible
• Have them contact the foreign bank to freeze the funds

2. Contact your attorneys

• Inform them of the facts

3. Contact law enforcement

• Identify your incident as “BEC,” provide a brief description, provide complete financial information

4. File a complaint

• Visit the FBI’s Internet Crime Complaint Center (IC3) at www.IC3.gov to file your complaint with full details of the crime

5. Brief the board and senior management

• Call an emergency meeting to brief the board and senior management on the incident, steps taken and further actions to be carried out

6. Conduct IT forensics

• Have IT investigate the breach to find the attack vector, recover control of hacked email accounts, and find any malware remaining anywhere within the network

7. Bring in outside security specialists

• Bring in outside help to detect areas of intrusion that IT may have missed. All traces of the attack and all traces of malware must be eradicated.

8. Contact your insurance company

• Find out if you are covered for the attack

9. Isolate security policy violations

• Investigate violations as well as the possibility of collusion with criminals. Take the appropriate disciplinary action.

10. Draw up a plan to remedy security deficiencies

• Beef up security technology and procedures
• Bolster staff security training, especially security awareness training