Modern Day Fraud - How Could You Be Affected?

Technology changes so rapidly and the modern business world is very different to what it was even five years ago. This constant change, whilst good for business in many ways, has also precipitated a steep rise in fraudulent activity, which continues to evolve and requires individuals and businesses like yours to try and stay one step ahead.

Invoice Fraud (fraudulent change of account details)

This is the other main area that we wish to make you aware of. In summary, this is where you receive fraudulent approaches purporting to be from existing suppliers or creditors. The fraudster advises that the bank details for the settlement of future invoices should be changed. These approaches can be made over the telephone, by letter, fax and by email. The request is not necessarily accompanied by any specific request for payment but if the request is acted on, then the next legitimate payment will be made direct to the fraudster’s account.

Invoice fraud is sophisticated in that:

  • email addresses on letters use extensions similar to that of the genuine company but are in fact operated by criminals.
  • fraudsters telephone the company that they are targeting to ask for contact names so the correct ones appear on the letter.
  • letters use the same logo, letterhead and style as the genuine company.

The measures that you can take to guard against invoice fraud include:

  • closely scrutinise all requests for payment.
  • contact the supplier or creditor to independently validate requests for payment or to amend bank details, using contact details that are known to you from your own records etc.
  • do not amend any payment details until you are entirely satisfied with the authenticity of the request.

Computer and internet security

This may already seem familiar to you but is more important than ever especially as electronic payment has replaced face-to-face transactions in the majority of business (and indeed personal) situations. Examples of potential risks are as follows:

  • Phishing – This is the practice of sending emails at random, purporting to come from a genuine company operating on the Internet, possibly a company that you or your business may deal with.
  • Vishing – Typically this involves the fraudster telephoning and claiming to be from the bank. They may already have obtained details of your online user details and PIN and password as a result of you responding to a phishing e-mail. Details of recent payments made online may also be known by the fraudster. The aim of the call is for the fraudster to obtain your smartcard codes to make payments from your account.
  • Trojan – This is a type of computer virus which can be remotely installed on your computer without you realising.

Be wary of anyone who calls you and asks for confidential details. Our bank has made it very clear that they will never ask you to transfer funds, and never call or email for a PIN or password. They also suggest that if you receive a suspicious call, you should use a different line to call your bank back. Any pressure to dissuade you from calling back should sound alarm bells.

If you are a Bankline customer, there are a few measures that you can take to stay safe online, including the Dual Authorisation feature which enhances security by ensuring that two individual Bankline users have to authorise payment instructions. Also read any Bankline Broadcast Messages for news concerning fraud and security threats and choose your passwords carefully.

You should be suspicious of all unsolicited or unexpected emails, and opening attachments, even if they appear to originate from a trusted source (e.g. we are increasingly aware of emails to clients claiming to be from HMRC advising of a refund, which is something that it would never do). Be alert to emails sent from an Internet type account (e.g. Hotmail, Yahoo, etc). When keying in sensitive data into a website, check that it is a secure site (often denoted by an unbroken key symbol). If in any doubt, contact the owner of the web site on a known or independently verified contact number.

The following website address contains Government guidance regarding “cyber security”:

https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/412017/BIS-15-147-small-businesses-cyber-guide-March-2015.pdf

Summary

At Richardson Swift, we want to help you to minimise your business and personal risks as technology continues to develop at a fast pace. As such, whilst our bank has stressed that there is no specific increase in risk or an immediate threat at the moment, we wanted to heighten your awareness to modern day frauds in the business and personal environment by summarising the key issues.

If you want further details on any of the above please contact your usual director at Richardson Swift on 01225 325580.