-
CEO Fraud

CEO Fraud

Defeat the cheat at hide and seek

What is CEO fraud?

In CEO fraud, in attempts to persuade staff into making urgent payments or to transfer funds, criminals are posing as CEOs, as well as other members of staff within businesses such as system administrators or financial controllers. The requests are often made via email but can come via a phone call and are sometimes made when the real member of staff is out of the office. They may also ask for financial information such as reports, trade debtor lists and/or customer contact details for chasing payments.

It’s important to remember that even an apparently genuine email address may have been hacked, and that fraudsters may apply pressure by implying urgency as a means of persuading you to bypass controls around payments. Reference to the payment being ‘special’ or ‘secret’ should also ring alarm bells.

How to prevent CEO fraud

  • Independent verification: Independently verify any payment requests involving new beneficiary’s, amended bank details, or enquiries about payment processes – including those that appear to have come from internal emails or senior management
  • Employee training: Ensure all payments staff are trained, vigilant and empowered to challenge such requests
  • Restrict information: Be alert to how much information is revealed about your company and key officials through your website, social media and out-of-office automated replies.

What to do if you're a victim

  • Act quickly: Act quickly for the best chance of recovering funds
  • Contact us: If you believe you’ve fallen victim to CEO fraud, contact us immediately. Our team will try to recover the money from the fraudster’s account. Call the Online Fraud Helpdesk on 0330 1565 0155
  • Action Fraud: Report to Action Fraud - the police’s national fraud and cyber-crime reporting centre – even if the fraudulent attack has failed. Call 0300 123 2040 or file a report at actionfraud.police.uk

Confirmation of Payee

Pay attention to Confirmation of Payee alerts. These provide instant confirmation of whether the payee name and account details you enter match those held by the bank. While this offers some protection, it is not a substitute for your own fraud defences.

Wake up to the reality of CEO fraud

40% of CEO fraudulent attacks are targeted at SMEs. Ref: 1
£13.4m the annual value of CEO fraud losses. Ref: 2
432 reported CEO fraud cases. Ref: 2

How Derek became an office legend

By questioning a CEO request that didn’t feel quite right, Derek saved his company big money. Want to know how he does it?

Meet Derek. 

He works in accounts

Everyone loves Derek

Last week, Derek spotted an urgent payment request from the 'CEO' that didn't feel right

Turns out Derek saved his company from going under 

A fraudulent email from your 'CEO' could cost your company millions

Be more like Derek: double check the email address, don't rush to make a payment, verify the details on the phone.

Your next steps

Report fraud

To report any fraudulent activity, or attempts, contact Barclays Corporate fraud on 0330 156 0155* or if calling from overseas dial +441606566208.

If you receive a suspicious email, send it as an attachment to  internetsecurity@barclays.co.uk and delete the email immediately.

Are you protected?

To keep yourself, and your organisation protected from criminals, ensure you keep up to date with our latest resources and advice.

Fraud and Scam Toolkit