A CEO scam is when a criminal impersonates a CEO or senior manager to trick employees into making payments to the criminal. They gain access to your business’s email account or uses spoofing software to email a member of the finance team with what appears to be a genuine request. They may request payment details are changed and ask for urgent payment.
Criminals may target businesses over several months, building a picture of the structure of your firm and the employees responsible for authorising payments. Your website can sometimes reveal information about genuine suppliers that can then be used by criminals.
How to protect your business
Confirm urgent payment requests directly with the sender in person or over the phone
Be wary of unexpected emails or letters requesting urgent payment, even if it appears to be from someone in your own business
Be careful with the type of information you share online about your business
Educate employees on CEO scams and update them on the latest threats
Ensure employees feel comfortable approaching senior staff to verify payment requests and are aware of the types of requests they should be expecting
Make sure all staff check for irregularities before processing payments and changing bank details
A-Z of business scams
Take Five to Stop Fraud
Criminals are experts at impersonating people, organisations and the police. They spend hours researching you for their scams, hoping you’ll let your guard down for just a moment. Stop and think. It could protect you and your money.
STOP
Take a moment to stop and think before parting with your money or information. It could keep you safe.
CHALLENGE
Ask yourself, could it be fake? It’s ok to reject, refuse or ignore any requests. Only criminals will try to rush or panic you.
PROTECT
Contact your bank immediately if you think you’ve been scammed and report it to Action Fraud at actionfraud.police.uk or on 0300 123 2040.