What is CEO fraud and how to avoid it

CEO Fraud

The past five years have witnessed a significant increase in the number of scams related to email phishing.

CEO fraud, also known as “Business Email Compromise,” happens when an email is sent to an employee instructing them to make a bank transfer, usually to an overseas account, as payment for an outstanding invoice.

The cybercriminals use the email account of the CEO or an executive of the company and mark the request as urgent, so employees feel they have no choice but to follow the order.

These email phishing scams can easily wipe out millions of dollars from a company. Awareness about CEO fraud is vital in preventing such crime from happening in your organization.

Which Groups Of Employees Are The Main Targets?

The groups of employees that are considered main targets for “Business Email Compromise” scams are those whose roles give them access to funds and confidential company information. They are the following:

HR Office

The Human Resources office has access to every employee in the organization. It’s also in charge of managing the employee database and handling recruitment. Cybercriminals perform the initial stage of their fraudulent plan by gathering data using spyware embedded in a resume. Since HR personnel open thousands of applicant resumes every month, gathering the email addresses and social security numbers of employees becomes possible for criminals.

Finance Department

All wire transfers that the company makes pass through the finance department. Most organizations only require an order from a senior officer or the CEO via email to initiate the transfer of cash.

What cybercriminals do is study the process that a company goes through when making large wire transfers, including the authorization protocols involved. They then use a hijacked email account belonging to a relevant person to send a request to anyone in the finance department who is authorized to transmit funds.

IT Team

Since the IT team has authority over password management, access controls, and even email accounts, they are also high-value targets for CEO fraud activities. The IT team acts as the first line of defense of a company, so they have to fight off any data breach attempt effectively. Once they get hacked, it becomes much easier for cybercriminals to gain entry to the other departments of the company.

Executive Team

Almost every member of the executive team has the authority to access the financial transactions of a company. For this reason, they are a high-value target for “Business Email Compromise” crimes too. Executive email accounts have to be protected at all times. If one executive email account gets hacked, it would mean a breach of all confidential information and ongoing deals of the organization.

So, how can a company avoid becoming a victim of a CEO fraud attack? Are you protected? What proactive measures can your organization take? Learn more below.

Reinforce Security Programs with Employee Training

Everyone in the organization should undergo training on cyber threats and phishing scams. The training should be a regular program, even for employees who don’t have roles in the company’s finances.

When a company keeps all employees up to date on the tricks that attackers use, the chance of stopping fraudulent activity before it succeeds increases. Employee training goes a long way in promoting awareness and encouraging everyone to be vigilant when dealing with company transactions that seem suspicious or abnormal.

Of course, extra and more specialized training should be given to employees who work in the finance department, human resources, and those who handle sensitive data like the company’s IT personnel.

Protect and Monitor The E-mail Channel Of Your Organization

CEO fraud starts within your company’s email channel, and these attacks have been evolving in recent years. So, you need a tool that can help you monitor the inbound and outbound emails of your organization and provide multiple layers of protection.

Email channel monitoring and protection allow a company to block threats and keep confidential information under its control, preventing it from getting into the hands of criminals.

Some of the benefits that email channel monitoring and protection tools offer include detailed firewall rules and detection of imposter attacks, phishing, malware, and spam. Make sure your domain is protected by a DMARC record, and verify it with a DMARC record checker.
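As an added example (not the article's or any vendor's tool), a minimal DMARC record checker in Python: it parses a domain's DMARC TXT record and reports the settings a checker flags as weak, such as p=none or a reduced pct. The sample records and domain names are constructed.

```python
# Added example (not from the original article): a minimal DMARC record
# checker that parses the TXT record published at _dmarc.<domain> and lists
# settings that leave the domain open to spoofed "From:" addresses.
SAMPLE_RECORDS = {  # constructed records; a real checker fetches them via DNS
    "weak.example": "v=DMARC1; p=none; rua=mailto:dmarc@weak.example",
    "partial.example": "v=DMARC1; p=quarantine; pct=25; sp=none",
    "strong.example": ("v=DMARC1; p=reject; sp=reject; pct=100; "
                       "rua=mailto:agg@strong.example; adkim=s; aspf=s"),
    "broken.example": "v=spf1 include:_spf.example -all",  # SPF, not DMARC
}

def parse_dmarc(record: str) -> dict:
    """Split 'tag=value; tag=value' into a dict; raise if not a DMARC record."""
    tags = {}
    for part in record.split(";"):
        part = part.strip()
        if not part:
            continue
        if "=" not in part:
            raise ValueError(f"malformed tag {part!r}")
        key, value = part.split("=", 1)  # mailto: values may contain '='
        tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record (missing v=DMARC1)")
    return tags

def assess_dmarc(record: str) -> list[str]:
    """Return findings; an empty list means failing mail is rejected."""
    try:
        tags = parse_dmarc(record)
    except ValueError as exc:
        return [f"invalid: {exc}"]
    findings = []
    policy = tags.get("p", "missing").lower()  # p= is required by the spec
    if policy == "none":
        findings.append("p=none: spoofed mail is still delivered (monitor only)")
    elif policy == "quarantine":
        findings.append("p=quarantine: spoofed mail goes to spam, not rejected")
    elif policy != "reject":
        findings.append(f"p={policy}: not a valid enforcing policy")
    pct_raw = tags.get("pct", "100")  # share of failing mail the policy covers
    if not pct_raw.isdigit() or int(pct_raw) != 100:
        findings.append(f"pct={pct_raw}: policy not applied to all failing mail")
    sub_policy = tags.get("sp", policy).lower()  # sp defaults to p
    if sub_policy != "reject":
        findings.append(f"sp={sub_policy}: subdomains can still be spoofed")
    if "rua" not in tags:
        findings.append("no rua=: no aggregate reports, so abuse goes unnoticed")
    return findings
```

Run `assess_dmarc` on each entry of `SAMPLE_RECORDS`: only the strong record returns no findings, which is the state a BEC-conscious organization should aim for.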

Initiate Session Monitoring

A session monitoring tool or functionality is ideal for companies that have systems with confidential, highly sensitive, and proprietary data. Initiating session monitoring gives the company a chance to proactively identify insider threats and take the necessary steps to prevent a “Business Email Compromise” attack in the future. Session monitoring allows access to the system to be monitored, controlled, and recorded whenever it occurs.

Implement Multi-Factor Authentication for Login and Other Transactions

Multi-factor authentication, which requires multiple methods of identification, is one of the most effective ways to add an extra layer of protection to the company’s systems and employees’ credentials. The company can use biometrics, digital certificates, one-time password tokens, smart cards, mobile push notifications, and fingerprint readers on mobile devices for added security.


CEO fraud targets companies regardless of size. Its rapid growth is expected to continue in 2020. Scammers have been able to infiltrate even organizations with robust IT infrastructure. The attackers will always try to find a way in, so a company has to be smarter to combat cyberattacks. The tips on how to avoid CEO fraud above should be enough to counter even the most sophisticated strategies that scammers employ for their fraudulent plans.