As many businesses change their working practices to deal with the Coronavirus, fraudsters are using these changes as an opportunity to undertake scams.
These cybercriminals are requesting urgent payee changes by phone and email by pretending to work for suppliers or business associates.
From a mix of data sourced from the dark web and information obtained from social engineering, their instructions appear to be genuine and can be hard to spot, with only the slightest variations to email addresses or correspondence.
Fraudsters can also use sophisticated methods to hack and monitor email accounts and insert fake emails containing new bank account details, so it is prudent to be aware of these scams.
Tips to help
To help you stay safe, here are some practical security measures to help protect your business:
✅ Have a strict payment process in place. Regularly review these internal controls, so they are fit-for-purpose.
✅ Don’t allow staff to be pressured by urgent requests, even if they appear to be from someone senior. Always check with a known contact on a trusted number
✅ When receiving bank account details to make a payment, pay an invoice, or as a request for a change of bank details, always call a known contact to verify the request is genuine using details held on file, and not on the instructions received.
✅ Always check for irregularities including changes to supplier names and addresses and changes to invoiced amounts. Ensure staff who process payments and have the authority to change bank details are vigilant.
✅ Set up dual-authorisation procedures for changes of payment information, so more than one person needs to approve them.
We’ll keep updating you with regular hints and tips and remember, our team members are all working remotely and available to help with any IT problem your business or staff are facing.
Feel free to contact us during normal office hours on:
☎️ 03301 241 009Back to all articles