New Phishing Campaign Uses Fake 'CEO Mandate' for Email Signature
A new phishing campaign, identified by Cyber News - Erez Dasa, is currently circulating, leveraging a deceptive email that purports to be from a CEO. The email instructs recipients that, per a CEO directive, an organizational email signature supporting a specific cause will be added to all outgoing messages. Users are then prompted to click a link if they wish to opt out of this new signature.
This tactic is a clever social engineering play. Attackers are exploiting the common corporate practice of mandatory internal directives and the urgency often associated with "CEO mandates." By presenting an option to "opt out," they create a false sense of control and urgency, luring unsuspecting employees into clicking a malicious link. This bypasses typical skepticism towards unsolicited links by framing it as an internal administrative action.
Cyber News - Erez Dasa noted the attackers' originality, highlighting how they've crafted a scenario that feels legitimate within a corporate context. The immediate goal is likely credential harvesting or malware delivery, turning employee compliance into a vector for compromise.
What This Means For You
- If your organization has not explicitly communicated a new email signature policy, assume any such email is a phishing attempt. Remind all employees that legitimate internal directives will never require clicking an external link to opt out or confirm. Verify any such 'mandate' through established, out-of-band communication channels (for example, by contacting the sender or IT directly rather than replying to the message).