What Is CEO Fraud?

CEO fraud––also known as business email compromise––is a version of spear-phishing that involves a hacker impersonating a senior executive within an organization’s hierarchy in order to convince another high-level employee to perform a given action or provide certain information. The requests usually involve things like wiring money or sharing confidential information and are usually worded in such a way that make the requests appear urgent and time-sensitive.

CEO fraud often involves spoofing. In the case of CEO fraud, the hacker uses the name of an actual senior executive but changes the executive’s email address by only a character or two so that, at a quick glance, it looks legitimate. CEO fraud can lead to significant plunder for the hacker and to great, and sometimes public, embarrassment for the employee who falls victim to the scheme.