Digital Sabotage: The Rise of Disinformation Attacks Against Executives

In recent months, disinformation attacks targeting high-profile executives have surged across platforms like Telegram, X (formerly Twitter), and fringe forums. Threat actors have used fabricated email exchanges, deepfake audio clips, and manipulated documents to falsely implicate corporate leaders in insider trading, fraud, and misconduct. These narratives often gain traction among online influencers before analysts can intervene, triggering market volatility, reputational damage, and organizational disruption.

In today's information-rich environment, reputation is an asset and a vulnerability, especially for high-profile executives. Coordinated disinformation campaigns, once confined to geopolitical conflicts, now frequently target corporate leaders. Threat actors – including activist groups, disgruntled insiders, and commercial rivals – exploit open and hidden digital ecosystems to distort perception, destabilize leadership, and damage brands, underscoring the urgent need for proactive monitoring of emerging reputational threats.

Anatomy of a Disinformation Campaign

Coordinated campaigns often start with a fabricated or manipulated narrative seeded through fringe platforms or anonymous accounts. Bots and coordinated engagement give the appearance of viral legitimacy. Without real-time intelligence, these falsehoods spread unchecked, distorting perception, triggering internal confusion, and pressuring leadership into reactive decisions. Key forms of executive-targeted disinformation include:

• Fabricated allegations of misconduct or fraud: In May 2025, Zepto CEO Aadit Palicha alleged a coordinated smear campaign orchestrated by a rival company's executive. The campaign sought to damage Zepto’s IPO prospects by spreading misleading narratives about its financial integrity. Palicha publicly addressed the disinformation to reassure stakeholders.

• Impersonation accounts mimicking executives: In mid-2024, cybersecurity researchers uncovered a wave of fake LinkedIn profiles impersonating information security officers at Fortune 500 companies. These fraudsters used these  accounts to post misleading company updates, including false layoff announcements, sowing confusion among stakeholders before platforms intervened.

• Deepfake audio or video content: In October 2024, attackers created a deepfake audio clip using the voice of Wiz CEO Assaf Rappaport. They deployed the fake audio in an attempted spear-phishing campaign, prompting the company to issue a public warning and elevate internal security protocols.

• Leaked – but altered – internal documents: In 2023, a forged internal memo from the European Commission suggested internal dissent over renewable energy policies. Investigators later determined the document threat actors leaked a forged internal memo. They had selectively edited the document likely to influence public opinion during policy negotiations.

Why Executives Are in the Crosshairs

Corporate leaders influence shareholder value, brand reputation, and public trust, making them high-value targets for adversaries seeking maximum impact with minimal effort. Threat actors exploit this visibility to maximize disruption. Disinformation campaigns have:

• Synchronized with earnings reports to trigger stock volatility

• Amplified false HR controversies to pressure resignations

• Spread counterfeit communications to manipulate investors

Executives who maintain a public profile or digital presence – especially those in controversial sectors, such as cryptocurrency and technology – remain most at risk and these campaigns impact more than a corporation’s or an executive’s reputation:.

• Investors may lose confidence

• Board members may demand internal investigations

• Threat actors may escalate to doxxing

• Business deals may stall or collapse under media pressure

How Concentric Can Help

Concentric provides real-time intelligence to detect, investigate, and mitigate executive-targeted disinformation by utilizing open-source intelligence (OSINT) and Deep and Dark Web (DDW) monitoring to stay ahead of emerging reputational threats. These steps allow us to provide:

• Narrative Detection: Monitoring of executive mentions across OSINT, DDW, and fringe platforms.

• Risk Mapping: Identification of high-profile individuals with elevated threat exposure.

• Attribution Support: Investigation into adversaries’ intent and origin.

• Counter-Disinformation Advisory: Strategic messaging and rapid response support.

• Executive Protection Integration: Coordination with physical security for reputational spillover threats.

In an era when falsehoods can outpace facts, executives require more than conventional reputation management – they need proactive, intelligence-led defense strategies. Contact Concentric’s Global Intelligence team to learn how we can help you anticipate, adapt, and act – before disinformation defines the narrative.