Director fraud - what is it and how can you avoid it?


Back in 2015, there was a wave of so-called director fraud – one firm in the US lost over £11 million in a single instance.  However, it seems as though this type of deception might be rearing its ugly head once more, as advances in software make the task simpler for criminals.  In this blog, we look at what it involves and how you can avoid it.


What is it?

Director fraud is where a criminal sends an email, usually to someone in a finance team or with financial responsibilities, purporting to be from a senior colleague such as a director or CEO.

In some cases, the fraudsters use technology to falsify the origins of the email, giving it the correct ‘reply-to’ email address and signature.  In others they have been known to actually gain illegal access to genuine staff email accounts in order to write the email.

The names of senior staff are available by searching details at Companies House or business networking sites like LinkedIn.  Sometimes fraudsters contact the staff members in order to harvest their details when they reply.

Typically, the fraudulent email requests an urgent transfer of funds for a spurious reason, such as beginning a contract with a new client.  As soon as the money is transferred to the criminals’ account, it is withdrawn and they disappear.


How can you avoid it?

  • Members of staff with financial responsibilities specifically need to be aware of this type of fraud.
  • Establish and stick to a well-defined process for requesting and authorising money transfers.  If anything occurs outside this process, be suspicious and check it out.
  • With any requests that are out of the ordinary, verify the details personally by telephoning or speaking directly with the staff member – never use the contact details from the email.
  • As with many types of fraud, director fraud often urges you to act very quickly.  Be wary of this, even when the emails seem to have come from authentic sources.
  • Again, as with many fraud attempts, the scammers are not native English speakers and often use poor grammar or unusual phrases.  Read emails carefully and check for mistakes or strange words.
  • Promote computer security in every way you can – use robust passwords that you change often, keep your computer anti-virus and security software up to date, and never open attachments in unusual emails.
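
For teams that want to automate part of these checks, the sketch below flags the warning signs described above in a raw email: a director's name on an unfamiliar address, replies routed to another domain, a failed sender check recorded by the mail server, and urgent wording around a money transfer. It is an added example, not part of the original post; the staff directory, keyword lists, flag names and sample message are all constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed directory of senior staff (assumption: maintained by the organisation).
DIRECTORS = {"jane smith": "jane.smith@example.co.uk"}
URGENCY = re.compile(r"\b(urgent|immediately|today|asap|confidential)\b", re.I)
PAYMENT = re.compile(r"\b(transfer|payment|wire|bank details|invoice)\b", re.I)

def domain(addr):
    return addr.rpartition("@")[2].lower()

def director_fraud_flags(raw):
    """Return a list of warning flags for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    name, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    flags = []

    # Display name is a director, but the address is not the one on file.
    known = DIRECTORS.get(name.strip().lower())
    if known and from_addr.lower() != known:
        flags.append("director-name-wrong-address")

    # Replies would go to a different domain than the apparent sender.
    if reply_addr and domain(reply_addr) != domain(from_addr):
        flags.append("reply-to-domain-mismatch")

    # The receiving mail server recorded a failed DMARC check (RFC 8601 header).
    if re.search(r"\bdmarc=fail\b", msg.get("Authentication-Results", ""), re.I):
        flags.append("dmarc-fail")

    # Urgent wording combined with a request to move money.
    body = msg.get_payload() if not msg.is_multipart() else ""
    text = f"{msg.get('Subject', '')}\n{body}"
    if URGENCY.search(text) and PAYMENT.search(text):
        flags.append("urgent-payment-request")
    return flags

# Constructed sample message, not a real email.
SAMPLE = """\
From: Jane Smith <jane.smith@example.co.uk>
Reply-To: jane.smith@example-co-uk.test
Authentication-Results: mx.example.co.uk; spf=fail; dmarc=fail header.from=example.co.uk
Subject: New client contract

Please transfer 24,500 GBP to the new client account today. This is urgent.
"""
```

An email sent from a genuinely compromised staff account will pass every one of these header checks, so a clean result never replaces confirming the request by telephone or in person.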


As leading accountants, you can imagine we’ve encountered many types of fraud, including those that have targeted our clients and indeed our own company.  Sadly, fraud is part of the online world.  If you want advice in tackling fraud, give us a call for an informal discussion, or check out the anti-fraud website from the police here.

