Top 4 Tricks Used In CEO Fraud Attacks

by | August 29, 2021 | Cybersecurity, How to

Scammers are getting more creative with their strategies by the day when it comes to CEO fraud attacks. This article will walk you through the sneakiest and most popular tricks in a hacker’s arsenal.

What Is CEO Fraud And How Do CEO Fraud Attacks Work?

CEO fraud scams are a type of phishing attack in which scammers impersonate a CEO via email and trick employees into transferring money or providing confidential company data. This social engineering technique preys on the trust of the email recipient.

Cybercriminals will impersonate the company CEO or other executives and require employees, usually in the HR or accounting departments, to send out a wire transfer, update account data, or provide account information.

CEO fraud can range from gift card scams to wire fraud and cost US businesses $1.7 billion in 2019.

Keep reading to discover the top 4 tricks used in CEO fraud attacks.

1. Applying pressure

Gift card scams are some of the most widespread spear-phishing. They have become a hackers’ favorite because they are easy to execute but difficult to trace and can be very rewarding with little effort.

Usually, a scammer will impersonate a CEO and claim they are in a meeting and urgently need to purchase gift cards for a client. Typically, the hacker will claim the gift cards are a surprise for employees, which is a social engineering technique to manipulate the victim into keeping the request a secret. In addition, due to the task’s urgent nature, the targeted employee will rush to accomplish it without questioning the details too much.

Put yourself in your employees’ shoes. The fear of not coming through and disappoint your CEO would put a gargantuan weight on your shoulders. Maybe the pressure would not be significant if it was Jane from accounting who made the request, but if it comes directly from the CEO, it is a big deal in your employees’ minds.

CEO fraud attacks usually urge the victim to complete a task.

Moreover, many victims of CEO fraud attacks previously had little to no contact with the CEO. This makes the victim more vulnerable to the scam, as the malicious email catches them off guard. And if the request is the first-ever communication between the victim and the CEO, they will feel not only pressure but also a strong desire to please and meet their boss’ expectations.

2. Pretexting and social engineering

The majority of CEO fraud attacks victims are not used to communicating with the CEO. Therefore, they are not familiar with the CEO’s communication style and what they would or wouldn’t do or say, giving the scammer a valuable advantage.

Pretexting, a common social engineering tactic, opens a line of communication with the victim to ease them into the request. Unfortunately, this also allows the scammer to set expectations (Don’t tell anyone about this; it’s a surprise) and gather additional information to help them succeed.

Sometimes, the hacker will email the target multiple times to check their progress on the task given, ensuring that no one else is aware of the transaction and applying more pressure.

3. Sending the emails from mobile devices

Considering CEOs are busy people, you’d find it logical that they would mostly communicate with their subordinates from their smartphones. Spear-phishing emails sent from a mobile device create the impression that the CEO is out of the office. This benefits the hacker in more than one way.

Firstly, it creates the illusion that the CEO might need assistance since they are not in their office and possibly don’t have their laptop at hand. Secondly, it makes room for small grammar and spelling mistakes that are forgivable on a mobile device and if the message is written quickly.

Finally, and most importantly, this technique increases the chances of overlooking details of the spoofed email. For example, if the hacker spoofs the CEO’s name but not the corporate domain, it’s reasonable for the employee to think that the CEO made a mistake and sent the email from a personal address.

4. Deep fakes

Deep fakes are relatively new in the landscape of business email compromise. However, they have proven to be highly effective when engaged in phishing attacks. Furthermore, there are artificial intelligence-based tools already available on the market that cybercriminals can use to mimic a CEO’s voice.

According to The Wall Street Journal, in 2019, a CEO of a UK energy company received a call from the chief executive of its German parent company—only it wasn’t his chief executive. Instead, it was a hacker mimicking the voice of the chief executive in Germany with the help of deep fake software and requesting a wire transfer payment to a supplier. The result was a $243,000 payment to the hacker, who soon called back asking for more, which tipped off the CEO.

Deep fake software is available to anyone, effective, and pretty cheap. But, unfortunately, companies still don’t have an answer for it. According to Computer Weekly, 77% of cybersecurity decision-makers are aware of this new threat, but only 28% of them have a plan to defend against it.

Fight CEO Fraud Attacks With ATTACK Simulator

When you equip your employees with extensive and relevant knowledge on how to spot the red flags of a phishing attack, they can take their time to calmly examine the situation and take in all the details the devil may be hiding in, which otherwise would go unnoticed.

To objectively assess your company’s exposure and vulnerability to CEO fraud and any other form of phishing, you can use our free security awareness training trial.

Our life-like phishing simulations will expose your employees to realistic hands-on fake phishing attacks.

Choose ATTACK Simulator’s Security Awareness Training program to provide your employees with the necessary security knowledge and up-to-date security practices to keep your company safe from scammers.


Work illustrations by Storyset

Communication illustrations by Storyset

Feature Image: Technology photo created by –

by Diana Panduru

Content writer for Attack Simulator. Passionate about all things writing and cybersecurity, and obsessed with driving. I sometimes indulge in pencil drawing, poetry, and cooking for fun.

There’s no reason to postpone training your employees

Get a quote based on your organization’s needs and start building a strong cyber security infrastructure today.