VD-bedrägeri : Hur arbetar svenska kommuner för att minska risken för VD- bedrägeri?

Sammanfattning: The use of digital equipment and services is increasing both in organizations and private individuals. This means that more and more people are connecting to the Internet to communicate and share data that may include sensitive information. Due to security developments, unauthorized access to data has become increasingly sophisticated and therefore it has become difficult for cybercriminals to access it. Therefore, cybercriminals have begun to exploit human psychology. There are several different ways cybercriminals use to exploit the social aspect of people. One of these is CEO-fraud which targets specific individuals, often high-profile individuals such as executives and financial controllers. This study has investigated how Swedish municipalities work to reduce the risk of CEO-frauds. Also, the study has mapped out the methods and guidelines used by municipalities to ensure that their employees are not exposed to that type of attack. The study was conducted using a qualitative and quantitative survey that was sent to all 290 municipalities, which resulted in 71 responses. The results show that these municipalities use various technical defences and educate employees. Also, the study shows that these municipalities have policies and guidelines on how phishing and CEO fraud e-mails should be handled.