We were asked to assist with two cyber frauds in recent weeks, and thought it would be helpful to share them.
In the first of the two cyber frauds, our client received an email from their supplier advising a change of bank account details for invoice payments. They acted on the email and made the payments. Frequent followers of our blogs will know the rest… Yes, it was a scam email and the new bank account belonged not to the supplier, but to the scammers. Our client lost £5k in the incident.
In the second cyber fraud, our client (a B2C company) received an email from their client giving new bank account information. They called the client (whom they had never met, since they were overseas) to confirm the email and, having received verbal confirmation, transferred $21k. Unfortunately, it was a scam and the person they called was the scammer, not their client.
We are assisting both clients and the relevant authorities in tracing the emails in the hope that the perpetrators can be tracked down. In the meantime, our clients are seriously out of pocket. Of course, there is no guarantee of success, especially if the scammers covered their electronic footprints.
So what can be learned from this? Very simply, businesses should have a policy in place for changes of bank account information. The policy should include calling the supplier using the number you have on record for them – NOT the number they provide in the email. Ideally, you should request a video call with them, especially if you know the person(s). You can also run a second check with another member of their company, ideally someone you know.
People are naturally trusting, and it’s all too easy to trust an email from what appears to be a legitimate source. Nonetheless, it’s a simple matter to pick up the phone and speak to them. Nowadays no one should be offended that you are checking; in fact, you will find they are pleased that you did.
These basic policies, and much more, are covered in our cyber hygiene courses, which are highly recommended for all staff, along with regular refreshers.
You can also visit our FAQs page to learn more about the importance of staying diligent.
Stay vigilant everyone!