CEO Fraud (Business Email Compromise)
Scammers impersonate executives via email requesting urgent wire transfers, often using AI to craft convincing messages.
What is this scam?
Business Email Compromise (BEC), also known as CEO fraud, involves scammers impersonating company executives or vendors to trick employees into making fraudulent wire transfers. AI makes this scam more dangerous by:
- Generating perfectly written, personalized emails in the executive's style
- Analyzing company communications to understand internal workflows
- Creating convincing fake email addresses that closely mimic real ones
- Even cloning executives' voices for phone calls
These scams target finance departments, accounts payable staff, and anyone with authority to transfer funds. The FBI estimates BEC scams cost businesses over $2.7 billion annually.
How This Scam Works
- Reconnaissance: Scammers research company via LinkedIn, identifying CFO, CEO, and finance staff roles and relationships
- Email compromise or spoofing: Either hack executive's actual email account OR create lookalike domain (company.com vs comp4ny.com)
- Timing attack: Monitor exec calendars via social media/assistants; strike when CEO is traveling/unavailable
- AI-crafted email: Use AI to analyze past emails and mimic executive's writing style, tone, and signature
- Urgent wire transfer: Request immediate payment to "vendor" or "acquisition target," citing confidentiality
- Bypass controls: Instruct employee to skip normal approval process due to "time sensitivity"
- Money laundering: Funds transferred to attacker-controlled account, often overseas, immediately moved to hide trail
Red Flags to Watch For
- Email requesting wire transfer comes unexpectedly or outside normal approval process
- Urgent tone with time pressure ("Need this done before end of business today")
- Request to bypass normal approval procedures
- Email address has subtle differences from real address (extra character, different domain)
- Email lacks normal signature or has formatting differences
- Sender refuses to discuss via phone or video call
- Instructions to keep request confidential
- Recipient is being asked to act outside their normal responsibilities
- Payment destination is unusual (new vendor, foreign account)
- Request references a "confidential acquisition" or "urgent legal matter"
How to Protect Yourself
1. Implement dual-approval process for all wire transfers above threshold
2. Verify any unusual financial request via phone call to known number (not one in email)
3. Never use reply button - manually type email addresses for sensitive communications
4. Hover over sender email address to verify exact spelling and domain
5. Establish verbal verification codes for high-value transfers
6. Train employees to question requests that bypass normal procedures
7. Use email authentication (SPF, DKIM, DMARC) to prevent spoofing
8. Limit public information about organizational structure and roles
9. Create a culture where employees feel comfortable questioning executives
10. Report suspicious emails to IT/security immediately, even if unsure
If You've Been Targeted
- Stop all communication with scammer
- Report to relevant authorities
- Secure your accounts (change passwords)
- Monitor for identity theft
- Warn others in your network
Report & Get Help
Report fraud and get support through these official resources in your country:
United Kingdom
- Action Fraud: UK fraud reporting