We continue to see an increasing number of cyber fraud and related attacks on clients, and the unfortunate fact is that some of these do prove successful.
With the holiday season upon us and the potential for businesses to be running with reduced numbers and skeleton staff there is no doubt that the fraudsters may see this period as a new opportunity.
Below are some rules to follow to help stay safe:
- Beware of emails to Accounts and Finance teams purporting to be from Senior Management asking for either urgent payments to be made to new beneficiaries or requesting details of internal procedures for making urgent payments. The email addresses are spoofed and appear completely genuine. Look out for spelling mistakes and phrases used and if in any doubt pick up the phone to your colleague.
- Invoice or Payment Fraud continues to catch businesses out. Ensure you verify beneficiary bank details by phone with a known contact before changing bank payment details.
- Never share PIN, passwords or authorisation codes.
- Do not assume a caller is genuine because they have information about you.
- Don’t trust caller ID, it can be spoofed.
Be wary of;
- Anyone who calls to discuss any banking details, payments, transfers etc.
- Callers who ask you to hang up the phone and call them back.
- Always take time to validate any such request to ensure that the person making the request is who they say they are and has the required authority.
- Avoid replying to emails, take care when clicking on any links or opening attachments, and be careful when calling back taking care to use independently obtained contact details.
To assist further you may find the below documents helpful in protecting you against fraudulent activity:
Protecting your Business From Cyber Fraud
Action Fraud Leaflet
Little Book of Big Scams Business Edition