
What is CEO fraud? And what you can do against CEO fraud as an organization.

What do CEO fraudsters do?

Unfortunately, fraud is common nowadays. Not only individuals but also companies are often the target. A common form of fraud is CEO fraud. In this article, we take a closer look at the characteristics of CEO fraud and how you can prevent this form of fraud.

How does CEO fraud work?

CEO fraudsters abuse authority. The fraudster sends an email on behalf of a high-ranking person within the company, which is where the term CEO fraud comes from. For example, a fraudulent payment order is sent to an administrative employee of your company, asking them to deviate from the regular payment process because there is an exception or an emergency. The fraudster can also request to change a specific account number. Fraudsters often seek contact by e-mail or telephone.


How do criminals carry out fraud?

Cybercriminals often research their target thoroughly before actually committing fraudulent activities. They use various techniques, including social engineering, which attempts to exploit the weakest link in computer security: humans.


In the case of phishing, cybercriminals try to gather relevant information about your company. These criminals try to trick employees into providing private information via email, text, or phone calls. For example, they may pretend to be a bank or a reputable government agency. Cybercriminals also sometimes build fake websites that look exactly like real websites. Important private data ends up with the cybercriminals in this way, and they can use it to carry out the CEO fraud attack.

Spear phishing

Spear phishing is a targeted form of phishing aimed at a specific company or employee. Spear phishing is therefore more often used by CEO fraudsters. Often, cybercriminals send a message via email from a legitimate sender. They can do this by hacking the email accounts of employees.


Another common method used by cybercriminals is pretexting. The attacker concocts false circumstances to trick the victim into handing over sensitive information or granting access to protected systems.

CEO fraud examples

CEO fraud can be recognized by several characteristics. In this section, we discuss some examples of CEO fraud.

Abusing the hierarchy

CEO fraud abuses the authority of a CEO. The fraudster places a payment order with an employee. If this is not paid, the so-called CEO threatens major consequences.

Sometimes the employee also receives compliments from the fraudster. The fraudster indicates that the employee has exceptional qualities and is therefore allowed to carry out the assignment in secret.

Emphasizing Confidentiality

In this case, the so-called CEO indicates that this is a confidential transaction and emphasizes that it may not be shared with anyone else within the company. Strict privacy legislation is abused as the justification. The main goal is to keep the fraudulent activities secret for as long as possible.

Fake emails

Often the emails are sent from a fake email address. The address is very similar to the real e-mail address but differs slightly. In some cases, the fraudster may send messages from a verified email address. Through phishing, criminals obtain passwords, which they use to log in to email accounts and then send fraudulent messages.

Protect your company against CEO fraud

It is important to properly protect your company against CEO fraud. Many companies have already become victims of this with often far-reaching consequences. With the tips below you can prevent CEO fraud within your company.

Be alert to irregular payment requests

It is important that employees are alert when dealing with irregular payment requests. Inform all your staff regularly about any fraudulent activities. Clearly indicate where they can go in case of irregular payment requests or other unusual phone calls or requests. New employees must also be informed of this quickly.

Check all payments

It is wise to have unusual payment requests checked by a second person. Not all unusual payment requests are fraudulent, but this way you reduce the chance of erroneous transfers to the bank accounts of cybercriminals. Although it is an extra step in the business process, in the end it is very valuable.

Be careful when disclosing information about your company

We also advise you to be careful when providing information about the company. For example, it is nice to put information about all employees on your company page, but this can also work to your disadvantage. This information can be used against your company, for example to create a false sense of intimacy. So take a good look at what information about your company you publish publicly.



Protect yourself better with a virtual private network

With a virtual private network, you are less visible on the internet. All employees of your company leave traces on the internet. This can also be company-sensitive information. For that reason, it’s not a bad idea to use a VPN. This is an encrypted connection between your computer and the internet. With a VPN connection, you can access the internet anonymously.

What should you do if your company is a victim of CEO fraud?

Has your company unexpectedly fallen victim to CEO fraud? Then it is important to take action as quickly as possible. Notify your bank’s cyber department as soon as possible. In some cases, a transaction can still be canceled. Also, contact the police and the fraud helpdesk.

It is also wise to take action within the company itself. Notify all staff of the circumstances and schedule an emergency meeting. It is then important to take measures to prevent more fraudulent activities.

Do you also want to be better protected against CEO fraud? Sign up now for the free 14-day trial at Guardey.


Frequently Asked Questions

What is Guardey in short?

You just want to know what Guardey is, in a few lines, not scrolling through the whole website. We got you covered. Here you are:

Guardey focuses on three parts of your cyber security:

A safe and encrypted VPN connection via Guardey’s secure infrastructure or a Site-to-Site VPN.

We analyze information packages from the data going through the VPN tunnel, give clear insights into your data infrastructure, and provide alerts in case of threats like ransomware, viruses, and irregularities in your network.

Your cyber security is as strong as your weakest link. With Guardey, you can educate your whole team and increase awareness in a fun and efficient way through gamification.

It’s an advanced software as a service with applications for Windows and Mac OSX and an online platform for reporting and managing your teams and company policies.

How does the free trial work?

Your free 14-day trial with Guardey is based on our Basic plan. In our basic plan, all the alarms will only be available for yourself or your own company, and you manage the alarms in-house. We don’t need any payment information to start your trial, and you can invite as many users as you want.

The majority of SMEs don’t have an in-house IT department or a team of cyber security specialists. Therefore, we also offer Guardey co-managed and Guardey custom. In both plans, you are able to connect Guardey to a preferred Guardey IT partner or, of course, your own IT partner.

They can semi or fully manage the alarms and the health of your infrastructure so that you can focus on your business.

After your 14 days of the free trial, you can decide if you want to continue with a paid plan. Upgrading during your trial period means you stop your trial and upgrade to a paid plan. You need a verified payment method to upgrade.

How can I pay after the trial period?

We don’t ask for any payment information to start your trial.

If you want to upgrade during or after your free trial to a paid plan, you can use one of the below payment methods:

  1. Credit cards (Visa, MasterCard, American Express, Maestro, PostePay, Cartes Bancaires)
  2. PayPal
  3. Direct Debit (iDeal SEPA)

Can I up- or downgrade to a different plan?

Yes you can! You can always upgrade immediately and costs are calculated pro-rata on your next invoice. A downgrade will be effective from your next payment period.


Anouk ter Harmsel
