This website uses cookies

We use cookies to improve your experience on our website. If you continue without changing your settings, we'll assume that you are happy to accept all cookies on the CLC website. You can change your settings at any time.

CEO Fraud

CEO fraud is where the scammer manages to impersonate the CEO or other senior person (often the Finance Director) of the victim’s organisation to convince the victim to make an urgent payment to the scammer’s account.

To commit the fraud, the criminal will either access the company’s email system or use spoofing software to email a member of the finance team with what appears to be a genuine email from the CEO. The message commonly requests a change to payment details or for a payment to be made urgently to a new account.

How to stay safe from CEO fraud:


Always check any unusual payment requests directly, ideally in person or by telephone, to confirm the instruction is genuine. Do not use contact details from an email or letter.


Establish documented internal processes for requesting and authorising all payments and be suspicious of any request to make a payment outside of the company’s standard process.


Be cautious about any unexpected emails or letters which request urgent bank transfers, even if the message appears to have originated from someone from your own organisation.


Contact your bank straight away if you think you may have fallen victim to CEO fraud.

Invoice and mandate scams

In an invoice or mandate scam, the victim attempts to pay an invoice to a legitimate payee, but the criminal intervenes to convince the victim to redirect the payment to an account they control. It includes criminals targeting consumers posing as

conveyancers, builders and other tradespeople, or targeting businesses posing as a supplier, and claiming that the bank account details have changed. This type of fraud often involves the criminal either intercepting emails or compromising an email account.

How to stay safe from invoice and mandate scams:


Always confirm any bank account details directly with the genuine company either on the telephone or in person before you make a payment or transfer any money.


Criminals can access or alter emails to make them look genuine. If you receive an email telling you to change payment details do not use the contact details in an email, instead check the company’s official website or documentation.


If you are making a payment to an account for the first time, transfer a small sum first and then check with the company using known contact details that the payment has been received.


Contact your bank straight away if you think you may have fallen victim to an invoice or mandate scam.