Half of UK firms hit by executive impersonation as AI-driven fraud surges - report

Fraudsters have been posing as senior leaders, using deepfakes and social engineering

By Josh Recamara

Senior executives' expanding digital footprints are creating fresh exposures for UK corporates, with half of businesses targeted by fraudsters impersonating senior leaders in the past year, according to new research from Gallagher.

The global insurance broking and risk management firm reported that 50% of organisations experienced at least one executive impersonation or deception attempt in the past 12 months. Confirmed incidents cost an average of more than £758,000, with the most serious single events generating losses of between £1.1 million and £5 million.

Executive visibility becomes a core risk vector

According to the research, executive impersonation has become a mainstream business exposure, with 56% of business leaders saying the frequency of incidents has increased over the past year.

Fraudsters are reported to pose as CEOs, CFOs or senior colleagues using spoofed email domains, compromised accounts, cloned voices and AI‑generated video. Employees are then pushed to authorise payments, release sensitive information or fast‑track approvals. The schemes are designed to exploit trust and hierarchy, with staff becoming more likely to respond quickly when a request appears to come from the top, especially if it is framed as confidential or urgent.

High‑profile global cases in which deepfake video or audio has been used to trick employees into making multimillion‑pound or multimillion‑dollar transfers have highlighted how realistic these scams have become, and the size of potential losses when controls fail.

Deepfake and AI‑enabled scams dominate board concerns

AI‑enabled deception is now the top concern for directors in Gallagher’s study, cited by 51% of senior leaders and overtaking more traditional digital and physical security risks.

According to the research, 45% of organisations said they are highly exposed to phishing and social engineering, where fraudulent messages are used to elicit payments or confidential data. A further 40% report high exposure to deepfake scams that mimic a person’s voice, image or writing style, while 38% identified virtual extortion or impersonation as a major risk.

External studies have reported rapid growth in deepfake‑enabled fraud and underline how difficult it is for individuals to distinguish real from synthetic audio or video. In the insurance market, this is emerging as a small but fast‑rising subset of cyber and crime claims, often with comparatively high severities when large payments are involved. Underwriters are reassessing how social‑engineering and business email compromise events are treated in cyber and crime wordings, including limits, conditions and verification requirements.

Physical security and kidnap risks persist alongside digital extortion

Gallagher’s data indicates that threats to executives are not confined to screens and inboxes. The research found that 21% of organisations report travel‑related security risks, such as visits to areas with higher exposure to physical attack, while 13% said kidnap‑for‑ransom remains a concern.

The report also noted that senior leaders are easier to identify and track because job titles, locations and travel are often shared online. It highlighted kidnap‑for‑ransom as a particular issue for firms operating internationally in sectors such as marine, military and natural resources, and for companies working in emerging and developing economies.

Operational, legal and reputational shock

Gallagher stressed that impersonation and extortion incidents have consequences well beyond direct financial loss. The research indicated that 48% of organisations reported increased staff anxiety following an extortion attempt, 46% experienced operational disruption and 38% suffered reputational damage or a loss of client trust.

In 39% of cases, organisations sought legal advice or reported incidents to regulators. Such events can trigger mandatory notifications and heightened scrutiny where potential breaches of data protection, financial conduct or governance requirements are involved.

Gallagher’s warning

The research comes as demand for cyber insurance and broader social‑engineering protection continues to grow, alongside concerns over loss trends and coverage clarity. There is renewed focus on how executive‑level exposures are addressed across D&O, crime, cyber and kidnap and ransom policies, and on the role of risk‑management measures such as staff training, payment‑verification protocols and rehearsed incident‑response plans.

Jonathan Rae, executive director, crisis management at Gallagher, said senior leaders’ visibility is “creating new opportunities for criminals” and that public profiles and online activity give fraudsters what they need to “convincingly impersonate executives and exploit the trust placed in them.”

“Executive risk is no longer confined to physical threats. Today’s attacks are just as likely to happen through inboxes, phone calls or video, using AI and publicly available information to manipulate employees and bypass controls,” he added. “As the line between digital and physical threats continues to blur, organisations must recognise that executive exposure has increased significantly, and ensure their protection keeps pace.”
