I think many of us have now heard the phrase cyber-attack on numerous occasions, especially in the event of huge cases being highlighted by the media. But perhaps it’s the smaller cases where companies are getting well and truly duped, simply because the cyber criminals are getting smarter about the way they fraudulently extract money from their victims.
One such recent issue has come to light whereby unsuspecting companies are willingly handing over money to companies who they believe are their genuine suppliers. An e-mail account from a legitimate supplier is hacked into and ‘taken over’ by the perpetrators, unbeknownst to either the recipient or the person who owns the e-mail account.
They will then be able to intercept messages and find legitimate invoices; they alter the invoices and request payment to be made to an alternate bank account than the standard one previously used. The victim company believe this to be a genuine request from their usual contact and complies; thus sending their invoice payments to a bogus bank account and the criminals don’t have to lift a finger.
So what can you do?
Well hopefully if you’ve read this then you’re already one step ahead, but it pays to make sure your employees are at their most vigilant in order to avoid this kind of scam in the future.
- If you or your employees receive a request for payment, especially from a regular supplier including a change of their regular bank account, a quick call to your contact and the bank should quickly confirm whether it’s a bogus request. Do not trust an e-mail response in this case.
- Educate your staff on the risks involved with this particular type of fraud, and make sure you have rigorous IT security controls in place.
- Don’t forget a comprehensive insurance policy will cover your company for losses in such events, so be sure to find the best cover that suits your company needs.
Print 
PDF