Updated Cookies Policy - you'll see this message only once.
CEO impersonation is a type of fraud that is enabled via social engineering. Social engineering is the manipulation of situations and people that results in the targeted individuals divulging conﬁdential information. Fraudsters pretend to be a senior manager – often the CEO – in order to persuade a staff member to make a payment.
This fraud is a request, often made via email, purporting to come from a senior person in the company, normally to the accounts department, requesting an urgent payment to a supplier or partner.
The fraud attempt sometimes occurs when the senior person is out of the office, and the request may outline that the transaction is conﬁdential and sensitive in order to discourage further veriﬁcation.
For instance, the fraudster may try to convince the victim that their company is about to acquire another business, and the payment is needed as a down-payment for the confidential deal.
Derek has become an office legend simply by spotting scams and, in turn, saving his company big money. Want to know how he does it?
A client received an email purporting to be from the Financial Director instructing that 50% of an invoice be paid to an account. The payment of £75k required approval and was held for security checks by Barclays’ fraud prevention team.
When contacted by Barclays, the client confirmed the payment was genuine and it was released.
The client then received a second email which appeared to be genuinely from the Financial Director requesting the remaining 50% be paid to a different bank account. This payment was not held for any security checks.
The fraud was discovered when the genuine beneficiary reported that they had not received their payment. The client informed them of the bank accounts they had paid, and the supplier advised that the accounts did not belong to them.
It was not the client’s policy to verbally confirm payment instructions of this type as it appeared to be an internal email. The client believes that the email account belonging to the Financial Director had been compromised and reported it to their IT department for further investigation.
The fraudsters had moved the money before the alarm was raised, leaving only a small amount available for recovery.
If you believe you’ve fallen victim to CEO impersonation, contact us immediately. Our team will try to recover the money from the fraudster’s bank account. The quicker you alert your bank, the greater the chance of recovering the funds.
Report it to ActionFraud – the police’s national fraud and cyber crime reporting centre. Even if you’ve not suffered any financial loss, this will allow the police to analyse trends and help them to prevent fraudsters exploiting other companies. You can file a report via their website at www.actionfraud.police.uk (opens in a new window).
If you receive a suspicious email that appears to be from Barclays, please forward it to email@example.com and then delete it from your email account immediately.
If you have any queries, please speak to your Relationship Director.
If you fall victim to fraud on your Barclays payment channels, call the Online Fraud Helpdesk immediately on:
Fraudulent attacks, even if unsuccessful, should be reported to Action Fraud by calling 0300 123 2040.
The Little Books of Big Scams – Business Edition
If you have any questions or concerns about fraud contact us:
0330 156 0155 / 0800 056 4890*
Your eligible deposits with Barclays Bank PLC are protected up to the FSCS compensation limit by the Financial Services Compensation Scheme, the UK's deposit guarantee scheme. This limit is applied to the total of any deposits you have with the following: Barclays, Barclays Corporate Banking, Barclays Investment Bank, Barclays Private Banking and Barclaycard. Any total deposits you hold above the limit between these brands are unlikely to be covered. For further information visit www.fscs.org.uk^ (opens in a new window).
Barclays Bank PLC is registered in England (Company No. 1026167) with its registered office at 1 Churchill Place, London E14 5HP. Barclays Bank PLC is authorised by the Prudential Regulation Authority, and regulated by the Financial Conduct Authority (Financial Services Register No. 122702) and the Prudential Regulation Authority. Barclays is a trading name and trade mark of Barclays PLC and its subsidiaries.
‡This link takes you to a Barclays Bank UK PLC website
*Lines are open Monday to Friday, 8am to 7pm. To maintain a quality service we may monitor or record phone calls. Call charges and information.
^You are about to link through to a non Barclays site. Please note that Barclays is not responsible for the accuracy or content of this website, and is not recommending it or giving any assurances as to its standing. Barclays does not accept any liability for any loss or damage suffered as a result of its use.