
CEO Fraud

CEO fraud occurs when an attacker, posing as a senior manager, induces an employee who is authorised to make payments to pay a false invoice or make an unauthorised transfer from the company’s account.

The method relies on an employee’s willingness to carry out a task quickly when the request appears to come from management. The fraudsters often appear to know the organisation well (names, roles, who approves payments), and the emails are very convincing.

How to recognise a CEO scam?

  • Someone high up in the company contacts you directly, through an unsolicited email or call, bypassing the usual channels.
  • You are asked for absolute confidentiality.
  • You feel pressure and a sense of urgency.
  • The request is unusual and at odds with internal procedures.
  • You are threatened or flattered in an unusual way, or promised a reward.

How to avoid this type of scam?

As a company

  • Be aware of the risks and ensure that your employees are also informed and aware.
  • Encourage your staff to approach payment requests with caution.
  • Put in place internal protocols regarding payments.
  • Put in place a procedure to verify the legitimacy of payment requests received by e-mail, for example by calling the requester back on a number already on file rather than one given in the email.
  • Put in place reporting procedures to deal with fraud.
  • Review the information published on your company website, limit information and be cautious about social media.
  • Keep technical security measures up to date (e-mail filtering and authentication, software updates).
  • Always contact the police if a fraud attempt is made, even if the attempt did not succeed.

As an employee

  • Strictly follow the security procedures in place for payments and purchases. Do not skip any steps or give in to pressure.
  • Always check sender addresses carefully when dealing with sensitive information or money transfers. Fraudsters often use look-alike addresses that differ from the genuine one by a single character, or a familiar display name in front of an external address.
  • If you have doubts about a transfer order, consult a colleague who is in a position to judge it, even if you have been asked to use discretion.
  • Never open suspicious links or attachments received by email. Be especially careful when checking personal mailboxes on company computers.
  • Limit information and be cautious about social media.
  • Avoid sharing information about hierarchy, security or company procedures.
  • If you receive a suspicious email or call, always inform your IT department.
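A small sender check for the look-alike address and display-name tricks described in the employee guidance above, added here as an example; it is not code from the original page. The trusted domains, executive names and sample headers are constructed for illustration, and the homoglyph table is a short hand-picked list, not an exhaustive one.

```python
"""Flag e-mail senders that imitate a trusted domain or a named executive.

Added example, not part of the original page. Trusted domains, executive
names and the sample headers below are constructed for illustration.
"""
from email.utils import parseaddr

# Constructed: the domains this organisation genuinely sends mail from.
TRUSTED_DOMAINS = {"example.com", "example-group.com"}

# Constructed: display names of people whose identity a fraudster would borrow.
EXECUTIVE_NAMES = {"jane doe", "john roe"}

# Visually similar character sequences seen in look-alike domains, mapped to
# what they imitate. Multi-character entries come first so "rn" is folded
# to "m" before any single character is touched. Hand-picked, not exhaustive.
HOMOGLYPHS = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("i", "l"),
              ("3", "e"), ("5", "s")]


def levenshtein(a: str, b: str) -> int:
    """Edit distance: single-character insertions, deletions or
    substitutions needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def fold_homoglyphs(domain: str) -> str:
    """Rewrite look-alike sequences to the characters they imitate."""
    folded = domain.lower()
    for fake, real in HOMOGLYPHS:
        folded = folded.replace(fake, real)
    return folded


def check_sender(from_header: str) -> list[str]:
    """Return the reasons a From: header looks like CEO fraud.

    An empty list means these heuristics found nothing; it does not prove
    the mail is genuine."""
    display_name, address = parseaddr(from_header)
    if "@" not in address:
        return ["sender address could not be parsed"]
    domain = address.rpartition("@")[2].lower()
    if domain in TRUSTED_DOMAINS:
        # Internal domain. Assumes SPF/DKIM/DMARC have already rejected
        # outright forgeries of the real domain.
        return []

    reasons = []
    for trusted in sorted(TRUSTED_DOMAINS):
        if (levenshtein(domain, trusted) <= 1
                or fold_homoglyphs(domain) == fold_homoglyphs(trusted)
                or trusted in domain):
            reasons.append(f"look-alike domain {domain!r} resembles {trusted!r}")
    if display_name.strip().lower() in EXECUTIVE_NAMES:
        reasons.append(f"display name {display_name!r} is an executive but the "
                       f"address {address!r} is external")
    return reasons


if __name__ == "__main__":
    # Constructed sample headers.
    for header in ["Jane Doe <jane.doe@example.com>",
                   "Jane Doe <jane.doe@examp1e.com>",
                   "Accounts Payable <ap@exarnple.com>",
                   "Jane Doe <ceo.janedoe@gmail.com>",
                   "Finance <pay@example.com-invoices.net>"]:
        print(header, "->", check_sender(header) or "no findings")
```

The three domain tests catch different tricks: edit distance one for a single swapped or dropped character, homoglyph folding for "rn" or "1" standing in for "m" or "l", and the substring test for a genuine domain buried inside an unrelated one. SPF, DKIM and DMARC only protect the real domain, so a check like this belongs alongside them in the mail gateway or as a banner in the mail client; a hit is a reason to verify the request out of band, not a verdict on its own.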