This alert provides information and advice to charity trustees, employees and volunteers to help prevent CEO fraud at Christmas time.

The information contained within this Alert is based on reports made to Action Fraud, the UK's national fraud reporting centre, and follows previous advice from the Commission about the threat from CEO fraud.
What Is CEO Fraud and how are gift cards used to perpetrate this?
CEO fraud involves the fraudulent impersonation of a senior figure within a charity (often the Chief Executive Officer - CEO) with subsequent requests for the fraudulent transfers of funds by the charity to the fraudster's bank account (see the Charity Commission's regulatory alert dated 26/03/2018).
Action Fraud are reporting a new variation on this type of fraud whereby charities are targeted by fraudsters purporting to be the CEO (or a similar senior position within the charity) requesting that gift card vouchers be purchased for staff as a form of Christmas gift.
Once the vouchers have been purchased, the fraudster requests copies of the cards and their codes, allowing the fraudster to spend up to the value of the card.
Contact is typically made by email, usually from a spoofed or similar email address as the one the CEO or director of the charity would use.
What you need to do
- ensure that you have robust processes in place to verify and corroborate all requests requiring a payment or transaction