CEO Fraud Response Checklist

May 24, 2019

While steps to safeguard your organization will greatly reduce the likelihood of an incursion, all it takes is one gullible or inattentive user to let the bad guys inside. Should that happen, there are a number of steps you can take to move toward resolution and restitution.

1. Contact your bank

  • Give them full details of the wire transfer, including the amount, the destination account and any other details
  • Recall the transfer if possible
  • Have them contact the foreign bank to freeze the funds

2. Contact your attorneys

  • Inform them of the facts


3. Contact law enforcement

  • Identify your incident as “BEC,” provide a brief description, and provide complete financial information


4. File a complaint

  • Visit the FBI’s Internet Crime Complaint Center (IC3) to file your complaint with full details of the crime


5. Brief the board and senior management

  • Call an emergency meeting to brief the board and senior management on the incident, steps taken and further actions to be carried out


6. Conduct IT forensics

  • Have IT investigate the breach to find the attack vector, recover control of hacked email accounts, and find any malware remaining anywhere within the network


7. Bring in outside security specialists

  • Bring in outside help to detect areas of intrusion that IT may have missed. All traces of the attack and all traces of malware must be eradicated.


8. Contact your insurance company

  • Find out if you are covered for the attack


9. Isolate security policy violations

  • Investigate violations as well as the possibility of collusion with criminals. Take the appropriate disciplinary action.


10. Draw up a plan to remedy security deficiencies

  • Beef up security technology and procedures
  • Bolster staff security training, especially security awareness training


