Glossary
CEO fraud (BEC)
A scam where a fraudster impersonates a director or a partner in order to obtain an urgent transfer.
In CEO fraud, the fraudster impersonates a director, a supplier or a lawyer to demand a transfer presented as urgent and confidential. They play on authority and pressure, sometimes from a genuine hacked mailbox to appear credible. The best defence: always verify an unusual payment request through another known channel.
See also
SQL injection
An attack that slips hidden commands into a form to manipulate a site's database.
Cross-site scripting (XSS)
An attack that injects code into a site to trap other visitors via their browser.
Privilege escalation
When an attacker manages to grant themselves more rights than they had at the start.
Lateral movement
A hacker's progression from a compromised machine to others, to extend their hold on the network.