Companies lose thousands of pounds in email fraud
Employees who handle company finances have been warned to look out for a new email scam that could cost the business thousands of pounds.
Adrian Key, from Flex IT in Shrewsbury, said workers across the UK had been falling for the scam which involved fraudsters impersonating a senior member of staff to trick them into transferring money.
“As with all online fraud, the tricksters are constantly looking for new ways to target potential victims, and we’ve seen a number of cases locally where businesses have been caught out.
“The scammers have been targeting employees in finance departments by sending them emails which appear to be from a senior colleague such as the finance director or chief executive.
“They use software that manipulates the way an email looks so that it appears genuine and it arrives in the recipient’s inbox just like any other message.
“It asks the employee to make an urgent payment on the company’s behalf, often explaining the transaction must be made as soon as possible to secure an important contract. But the account the money is paid into is actually controlled by the fraudsters and the money is quickly withdrawn.”
Adrian said Financial Fraud Action UK had discovered that the scammers had hacked the email accounts of senior staff before sending the messages, and they’d also used information widely available on social media to glean information about the company such as the names of senior staff.
“Finance teams should always check any unusual payment requests directly, preferably in person or by phone to ensure the instruction is actually authorised.
“Standardise your company’s processes for requesting and authorising all payments, and treat any requests that stray from that procedure with extreme caution.
“Make sure your email passwords are strong and even if the message appears to be from someone in your company, check it out if it’s requesting an urgent bank transfer. Take a closer look at the style and language used in the message too – is it different from other emails you’ve received from that colleague previously?
“And don’t ever use the ‘reply’ option to respond to the email. Use the ‘forward’ option and type in the correct email address to ensure the message is being sent to the actual person and not the scammers.
“Companies have lost thousands of pounds as a direct result of this kind of fraud – don’t let yours become a victim too.”