// THREAT DETECTION AND DATA PRIVACY TERM
CEO Fraud
CEO fraud is a scam where an attacker impersonates a high-level executive to trick an employee into making an unauthorized wire transfer or sending sensitive company information. The attacker often creates a sense of urgency to bypass normal security procedures.

TECHNICAL DEFINITION
CEO fraud is a social engineering attack, a specific form of Business Email Compromise (BEC) and whaling, where an adversary impersonates a C-level executive (CEO, CFO) to manipulate an employee into executing unauthorized wire transfers or divulging confidential corporate data. The attack vector is typically a spoofed or compromised email account, leveraging authority and urgency to bypass financial controls.
BACKGROUND
Computer security is a subdiscipline within the field of information security. It focuses on protecting computer software, systems, and networks from threats that can lead to unauthorized information disclosure, theft, or damage to hardware, software, or data, as well as to the disruption or misdirection of the services they provide.
READ MORE ON WIKIPEDIASYNONYMS & ALIASES
- Business Email Compromise
- BEC
- whaling
- executive impersonation
- CFO fraud
- wire transfer fraud
- masquerading
USAGE NOTE
This term is frequently used in security awareness training to highlight the importance of verifying unusual or urgent financial requests, even if they appear to come from top leadership.
DEVELOPERS
Organizations developing technology related to CEO Fraud.
Develops a cloud-native email security platform that uses behavioral AI and data science to stop socially-engineered attacks, including CEO fraud and other Business Email Compromise (BEC) schemes, that bypass traditional secure email gateways.
Provides a suite of cloud-based email security services, including targeted threat protection specifically designed to defend against impersonation attacks, such as CEO fraud, by scanning inbound emails for signs of malicious intent and spoofing.
Offers advanced email security and threat protection solutions that use machine learning to detect and block BEC and CEO fraud attempts. Their technology analyzes various threat vectors, including domain spoofing, look-alike domains, and suspicious language.
A human layer security company that uses machine learning to understand human communication patterns and behaviors. Their platform helps prevent email-based threats like CEO fraud by detecting anomalies and warning users before they fall victim to an attack.
Specializes in identity-based email security, pioneering the use of DMARC authentication to prevent domain spoofing, a key technique in CEO fraud. Their platform analyzes email identity to protect against advanced email attacks.
Offers a self-learning email security platform that combines AI and human intelligence to detect and remediate advanced phishing threats, including CEO fraud. It uses behavioral analysis and user-reported feedback to identify and remove malicious emails.
An AI-based email security company that provides threat detection and response for internet service providers and enterprises. Its technology uses machine learning algorithms to detect and block sophisticated spear-phishing attacks like CEO fraud in real-time.
Provides phishing detection and response solutions that leverage a global network of human reporters. While focused on user training and awareness, their technology also helps to identify and quarantine sophisticated phishing emails, including CEO fraud attempts, that bypass other security layers.