It is more important now, more than ever before to trace, protect and manage your financial transactions securely. The impact of the global pandemic has seen businesses in every industry needing to adapt quickly and implement changes to their standard working practices. One of the biggest changes has been the enormous increase in digital communication and virtual engagement with customers replacing in-person activities. This means that secure IT technology systems are more valuable to businesses than ever before.
Unfortunately, as well as the concerns of these changes, we have also seen an increase in fraudulent activities and businesses losing money through scams including false documentation which appears to be from their suppliers, but which redirect payments to a fraudulent account. Often, this misdirection is only discovered when payments have already been sent and both the customer and the real supplier have been negatively impacted.
Financial Fraud Process and Red Flags
- A customer buys from their usual supplier
- The customer receives a document (email or letter) which appears to be from the supplier, requesting a change to the bank account for sending payment.
- The customer makes the change and makes the requested payment
- The real supplier contacts the customer requesting payment
- The fraud is discovered
Usually, the email account of the supplier has been compromised. An attacker enters their system, monitors the mailbox for payment instructions, financial transfers, customer contact information and details such as dates of invoice and payment terms.
Creating a document which looks like it is from the supplier – using their branding, logos and names or company references, to appear legitimate. They will contact the customer, requesting a change to the bank account where the payment is to be made. It is usually done at short notice prior to a scheduled payment, reducing the chances of the customer checking the information with their supplier.
The customer then makes the change, believing their supplier has requested it and make the payment. The fraud is only later discovered when the real supplier contacts them to say payment has not been received.
This form of deception is increasingly common, and we are regularly asked to help our customers and protect them from incidents of fraud in this manner.
Tips to Avoiding Fraud:
- Enable MFA (Multi-Faceted Authentication) on any email accounts
- Carry out due diligence with all suppliers to ensure that their security measures are adequate
- Instigate and adhere to a robust process of safety measures for confirming and inputting information
- If you receive any instructions for a change of bank details, or a request for an urgent transfer of funds outside of your usual schedule, validate this by using public contact details for the supplier and telephone to confirm
- Do not telephone using any contact information included in their documents. This may also be fraudulent. Use other sources of public information to source contact details if you do not already have them stored.
Online safety is vital to protect your business from attack. Reflective IT offer varied and multi-faceted, award winning, comprehensive IT services to businesses of any size, in any industry, tailored to meet the specific needs of your organisation.
Don’t let the increased pressures of the digital world impact your business, speak to our team today to find out how we can protect you against fraud, improve security within your existing systems, and streamline your digital portfolio. Call us on 0207 317 4535 or email us at support@reflectiveit.com.
