Glossary / Fraud & scams
CEO Fraud
CEO fraud is a scam where an attacker impersonates a senior executive, such as the CEO or CFO, to pressure staff into making an urgent payment or changing payment details.
How does CEO fraud work?
CEO fraud weaponises authority and urgency. The attacker impersonates a senior leader, often the CEO or CFO, and instructs a junior finance or accounts staffer to make a payment quickly and discreetly. The message is crafted to discourage the usual checks: it is confidential, time critical, and comes from someone the employee is reluctant to question. A common Australian example is a finance assistant receiving a message that appears to be from the CFO while they are travelling, asking for an immediate transfer to close a deal, with a promise to “sort the paperwork later.” The pressure to please a senior executive overrides normal verification.
Why it matters for Australian finance teams
CEO fraud is a high-value form of business email compromise, and the Australian Signals Directorate and Scamwatch consistently rank executive impersonation among the costliest scams reported by organisations. A single successful request can move a very large sum, and because a staff member authorised it under apparent instruction, the loss is often discovered only when the real executive is asked about it. The human dynamic, seniority and urgency, is exactly what the scam exploits.
How ezyshield helps
ezyshield takes the decision out of the realm of pressure and trust. No matter who appears to be asking, a payment can only proceed to a verified account, with the person, the business through ABN and ASIC records, and bank account ownership confirmed before money moves. Any change of details triggers re-verification rather than deference to authority. Each verification is logged in an append-only audit trail that is never edited or deleted. See how it works and business email compromise.
Also known as: CEO scam, boss scam
Last updated: 7 July 2026
Related terms
- Whaling Whaling is a form of spear phishing that targets senior executives, using highly tailored messages to trick them into authorising large payments or disclosing sensitive information.
- Business Email Compromise (BEC) Business email compromise (BEC) is a scam in which an attacker hacks or impersonates a company email account to trick staff into transferring money or changing payment details.
- Social Engineering Social engineering is the manipulation of people into revealing information or taking action, such as approving a payment, by exploiting trust, urgency, or authority rather than hacking systems.
- Spear Phishing Spear phishing is a targeted form of phishing that uses personalised details about a specific individual or organisation to make the fraudulent message more convincing.
See also: CEO fraud , Business email compromise , Accounts payable fraud prevention
Stop payment fraud before money moves
Verify the person, business, and bank account before any payment leaves your account.