In January 2020, Heidi Kühn, founder and CEO of Roots of Peace, returned from an overseas trip to devastating news: her finance department had unwittingly transferred over $1 million to an unfamiliar bank account. Kühn and her team quickly realized they’d become victims of a CEO fraud cyber attack—cybercriminals had infiltrated the company’s email accounts via spear phishing and impersonated Kühn to trick the finance team into sending funds abroad.

The theft had an enormous impact on Roots of Peace, a nonprofit dedicated to converting minefields into arable farmland in former war zones. Following the attack, Roots of Peace reached out to the CyberPeace Insitute, an organization that provides free cybersecurity assistance, threat detection and analysis to NGOs and other critical sectors. Roots of Peace was able to recover some of the funds, but to date, only $175,000 of the $1.34 million total stolen has been returned.

Roots of Peace is an international humanitarian organization, but their story isn’t unusual: In 2021, CEO fraud caused $2.4 billion in losses to US businesses alone, according to the FBI Internet Crime Report. Kühn’s story is featured in the second episode of “Caught in the Digital Crosshairs: The Human Impact of Cyberattacks,” a new video series on cyber security produced by GZERO in partnership with Microsoft and the CyberPeace Institute. GZERO spoke with Kühn and Derek Pillar, a cyber security expert from Mastercard, to learn more about the threat of CEO fraud, the real-life impact of cyberattacks against the humanitarian sector, and how you can prevent similar attacks from happening to you and your organization.