--- url: "https://xcademia.com/courses/ai-powered-social-engineering-and-ceo-fraud-defence" title: "AI-Powered Social Engineering and CEO Fraud Defence" description: "Two-day practitioner training on AI-powered phishing, voice cloning attacks, and CEO fraud defence. Designed for finance, HR, executive support, and procurement" publishedAt: "2026-04-14T05:19:57.398134+00:00" updatedAt: "2026-04-17T05:46:37.728995+00:00" type: course code: "CYB-0178" level: Practitioner duration_days: "2" track: "Cyber Warfare & Advanced Threat Defence" category: "Cybersecurity & Ethical Hacking" credential_tier: tier1 price_gbp: "2495" --- # AI-Powered Social Engineering and CEO Fraud Defence > A practitioner programme for staff who receive executive instructions, authorise payments, or grant system access, covering AI-powered phishing, live voice cloning attacks, and CEO fraud defence design. Develop the recognition skills and verification protocols to identify AI-generated impersonation in real time and build an organisation-wide AI social engineering defence programme. ## Overview AI-powered social engineering has transformed business email compromise from a crude impersonation tactic into a precision instrument. Phishing campaigns now craft hyper-personalised messages using scraped personal data and writing style analysis. Voice cloning attacks convincingly impersonate executives during live telephone calls. Contact centre fraud losses are projected to reach £44.5 billion. The weakest link is no longer technical infrastructure. It is the member of staff authorising a payment or granting access based on an instruction they genuinely believe is authentic. Over two mentor-led days, participants learn to recognise AI-generated spearphishing that exploits personal information, identify synthetic voice attacks during live calls, apply out-of-band verification protocols before executing any executive instruction, and design and run CEO fraud simulation exercises across their organisation. The capstone is structured in two phases: participants first conduct a controlled CEO fraud attempt using voice cloning tools, then design the organisation-wide defence protocol. This course is aligned with NCSC guidance on social engineering, FCA guidance on authorised push payment fraud prevention, and UK Finance fraud prevention standards for financial services staff. ## Prerequisites - Professional experience in finance, HR, IT helpdesk, executive support, procurement, or security management. - Basic familiarity with email, telephone, and video communication in a professional work environment. - No prior technical cybersecurity knowledge or background is required to attend this programme. ## What you will learn - Recognise AI-generated spearphishing that uses personal data to craft hyper-personalised impersonation messages. - Identify voice cloning attacks during live telephone calls using trained detection instincts and protocol triggers. - Apply out-of-band verification protocols before executing any executive instruction or authorising any payment. - Detect AI-generated email and messaging that mimics authentic executive writing style and communication patterns. - Design and run CEO fraud simulation exercises using controlled AI voice cloning tools within your organisation. - Build an organisation-wide CEO fraud response playbook covering detection, escalation, and recovery. - Monitor executive threat exposure across public data sources and dark web channels. ## Skills you will gain - AI phishing recognition and analysis - Voice cloning call detection - Video impersonation identification - Out-of-band verification design - CEO fraud simulation design - Executive threat monitoring - Social engineering response protocol - Staff awareness programme planning - Fraud escalation procedure design - AI social engineering defence programme ## Career progression - Finance Director - HR Lead - IT Helpdesk Manager - Executive Assistant - Procurement Lead - CISO ## Curriculum 1. **Module 1: Getting Ready** - Pre-reading: NCSC social engineering guidance and FCA authorised push payment fraud prevention guide - Introduction to the AI-powered social engineering threat taxonomy used throughout the programme - Accessing course resources and simulated phishing, vishing, and scenario materials - Course objectives, participant role mapping, and social engineering exposure self-assessment 2. **Module 2: AI-Powered Phishing: How It Works Today** - AI campaigns craft hyper-personalised messages using scraped personal data and writing style analysis - Anatomy of an AI-generated spearphishing email: what makes it distinctly different from generic phishing - Writing style mimicry: how AI replicates an executive's authentic communication tone and vocabulary - AI-generated impersonation at operational scale: thousands of personalised emails per hour per campaign - Hands-on analysis: distinguish AI-generated from authentic executive emails within a structured sample set 3. **Module 3: Voice Cloning: Anatomy and Live Demonstration** - Step-by-step anatomy of a vishing call using a cloned CEO voice: from clone production to target contact - The indistinguishable threshold: how few seconds of audio are sufficient to clone a voice convincingly - Live demonstration: a synthetic voice produced from a short real-world audio sample shown to participants - Subtle indicators in synthetic voice calls: what trained listeners can detect with practice - Contact centre fraud at scale: £44.5 billion projected losses from AI-enabled vishing operations 4. **Module 4: Synthetic Video Call Impersonation** - Real-time face-swap technology enabling live impersonation of specific individuals during video calls - The Kyiv mayor incident: real-time face-swapping successfully impersonating city leadership to European officials - How attackers configure convincing video call impersonation: background, lighting, and audio environment - Detection indicators available during a suspicious video call: what trained observers can identify - Response protocol: what to do immediately when you suspect a video call may be synthetic 5. **Module 5: Recognition Techniques and Detection Calibration** - Developing reliable detection instincts: pause, question, verify — before any action is taken - Audio indicators in live calls: unnatural pauses, pitch drift, and background audio discontinuities - Video indicators: lighting edge inconsistencies, unnatural eye contact patterns, and expression timing - Mandatory escalation points: when uncertainty requires out-of-band verification before any action proceeds - Calibration exercise: test detection instincts against a structured set of real and synthetic interactions 6. **Module 6: Out-of-Band Verification Implementation** - What out-of-band verification is and why correctly implemented it defeats AI impersonation attacks - Design principles for verification channels that an attacker cannot compromise or replicate - Code word protocol design: creation, distribution, rotation, and operational maintenance - Multi-layer authentication for high-value transactions: sequential verification across independent channels - Deploying verification in practice: minimising friction for legitimate transactions while blocking fraud 7. **Module 7: Executive Threat Monitoring and Exposure Reduction** - Monitoring senior leadership social media and public profiles for social engineering enablement data - Dark web monitoring: identifying executive credential and personal data exposure used for targeting - Reducing the publicly available information that enables hyper-personalised AI-powered attack lures - Protecting executive audio and video from interception used to train voice cloning and synthesis models - Briefing senior executives and board members on their personal exposure to AI social engineering 8. **Module 8: CEO Fraud Response Playbook Design** - Defining what constitutes a confirmed CEO fraud event requiring immediate incident response activation - Incident response steps: containment, evidence preservation, financial institution notification, and legal engagement - FCA and internal regulatory reporting obligations following a confirmed authorised push payment fraud - Recovery actions: reversing or recovering fraudulent payments where international banking channels allow - Staff debrief and programme improvement: integrating every incident into ongoing awareness training 9. **Module 9: Capstone: CEO Fraud Simulation and Defence Protocol** - Phase 1: participants conduct a controlled CEO fraud vishing attempt using voice cloning tools against a simulated target - Document the attack methodology, tools selected, and verification checkpoints successfully bypassed - Phase 2: design a complete organisation-wide AI social engineering defence protocol based on the attack experience - Deliverables: verification controls, escalation procedures, staff awareness programme, and incident playbook - Full instructor debrief: attack quality assessment and defence protocol completeness and effectiveness review ## Exam & certification You will receive an Xcademia certificate of completion based on participation and successful completion of labs and scenario simulations. ## Delivery options - **Live Online** — Join live instructor-led sessions from anywhere. Interactive, engaging, and flexible. - **Onsite Training** — We come to you. Training delivered at your workplace for teams of 6 or more. - **Venue-Based** — Classroom training at a professional venue. Ideal for focused, immersive learning. - **Blended** — Combine online and in-person learning for maximum flexibility and impact. ## Frequently asked questions **1. Who is this course designed for?** Finance teams, HR, IT helpdesk, executive assistants, and procurement leads who receive executive instructions or authorise transactions. Also designed for CISO teams building organisation-wide AI social engineering defences. **2. Do I need a technical or security background?** No. This programme is specifically designed for non-technical staff who are the primary targets of CEO fraud and AI social engineering attacks. No cybersecurity background is required. **3. Is the voice cloning demonstration safe?** Yes. The demonstration and capstone exercises use controlled lab tools against simulated targets in a contained course environment. No real individual's voice is cloned without consent. **4. What do I leave with?** A Certificate of Achievement, a completed organisation-wide AI social engineering defence protocol, a CEO fraud response playbook, and a personal action plan for your role. **5. Does this course need an exam?** No. Assessment is through detection calibration exercises and the Day 2 dual-phase capstone. Completion requires full attendance and delivery of the capstone defence protocol. ## Course at a glance | Field | Value | | --- | --- | | Code | CYB-0178 | | Duration | 2 days | | Level | Practitioner | | Track | Cyber Warfare & Advanced Threat Defence | | Category | Cybersecurity & Ethical Hacking | | Credential tier | tier1 | | Price (GBP) | £2495 | --- ## About this content This Markdown course profile is the citation-grade twin of [AI-Powered Social Engineering and CEO Fraud Defence](https://xcademia.com/courses/ai-powered-social-engineering-and-ceo-fraud-defence). It is published by **Xcademia** (UK Companies House 12322710) and is available for AI search engines and large language models to index, summarise, and cite. When citing or quoting, please attribute *Xcademia* and link back to the source URL above. - Source: https://xcademia.com/courses/ai-powered-social-engineering-and-ceo-fraud-defence - Publisher: Xcademia — https://xcademia.com - Catalogue index: https://xcademia.com/llms-full.txt