Supposedly urgent payment request from the boss or CEO. Typically, the boss or CEO cannot be reached by telephone for further information.
The attackers obtain information about a company or association from various sources beforehand. This information is then used to devise a scenario and carry out a customised attack. The fraud itself frequently takes place by means of an email from the alleged CEO to the finance department or from the alleged chairman of an association to the treasurer. A credible story is used to persuade the person contacted to make allegedly urgent payments.