How to spot and prevent CEO fraud

  • Check the sender email address

    Hover over the email address or click on it to make sure you're seeing the actual email address of the sender and not just the email "From" or “Display” name. An email "From" name can be chosen by the fraudster - so they may set this to your CEO’s email address or name, so it appears to come from them. If you click or hover over it, the true email address will be displayed and you'll be able to see whether it's genuine.

  • Question anything unusual or urgent

    If the email asks for an urgent payment transfer, or help paying an overdue invoice, or, if you’re in HR, for sensitive employee data - question whether these requests usually come from your CEO or this executive.

  • Verify over the phone or in person

    Don’t be embarrassed to call the executive or ask in person whether they made the request, or ask your manager. If you’re unsure, it’s always better to check.

  • Train up your staff

    Staff awareness is key. Review your internal processes and introduce regular emails and tests to help make staff aware of fraud, and know how to spot and report it.

  • Install anti-fraud software

    There’s plenty of software you can use to help you assess risks and detect fraud, including alerts for risky activity on a corporate device. Having up-to-date anti-fraud software reduces the risk of cyber attack, malware, ransomware, data breaches and ultimately losing the business money.