What is it?

A criminal impersonates your boss or a senior manager to get you to either make an urgent payment or change payment details for a contract or supplier.

They either gain access to your business’s email account by hacking, or use spoofing software, to email a member of the finance team with what appears to be a genuine email from your boss or a senior manager.

Criminals may target businesses over several months, building a picture of the structure of your firm and the employees responsible for authorising payments. Your website can sometimes reveal information about genuine suppliers that can then be used by criminals.

How to spot a CEO scam

  1. You’re asked to urgently process an out-of-the-ordinary payment by your CEO, a boss or a senior manager
  2. The language used in the email isn’t consistent with that of the genuine sender
  3. You’re asked to change the bank details of an existing supplier on your system

Example of a CEO scam

Mary*, a financial controller, received an email from her CEO Kurran requesting that an overdue invoice of £5,650 be paid to a supplier. Due to meetings, Kurran said he was only available via email and asked that the payment be made immediately. Kurran’s email said he was aware this payment was outside internal procedures but that it was urgent, and asked for proof of payment once it was made. Without consulting any members of her team or following the company’s internal processes, Mary sent the funds.

Mary believed the man she was corresponding with was genuinely her CEO and not a criminal who had hacked an email account and subsequently sent out emails posing as the CEO. By the time she realised what had happened it was too late, and the company lost all the money as a result.

*Case studies are based on insights from partners

If you believe you’ve fallen for a scam, contact your bank immediately on a number you know to be correct, such as the one listed on your statement, their website or on the back of your debit or credit card.

Report it to Action Fraud on 0300 123 2040 or via actionfraud.police.uk. If you are in Scotland, please report to Police Scotland directly by calling 101 or Advice Direct Scotland on 0808 164 6000.

Always remember

Confirm urgent payment requests directly with the sender in person or over the phone

Be wary of unexpected emails or letters requesting urgent payment, even if it appears to be from someone in your own business

Be careful with the type of information you share online about your business

Educate employees on CEO scams and update them on the latest threats

If you have visited a website you think is suspicious, you can report it to the National Cyber Security Centre.

Ensure employees feel comfortable approaching senior staff to verify payment requests and are aware of the types of requests they should be expecting

Make sure all staff check for irregularities before processing payments and changing bank details

Scam warning: Criminals may purport to be from Take Five, using our official branding on websites, social media posts, literature, on the phone or by text. Take Five doesn’t provide endorsement or approval for any products/services and would never call or text anyone.