Businesses urged to be on guard against fraud
Leicestershire police cyber officer issues warning
BUSINESSES across Leicestershire are being urged to remain vigilant after incidents of fraud resulting in the loss of large sums of money.
Business Email Compromise (BEC), commonly known as mandate fraud, occurs when businesses are contacted by someone pretending to be one of their suppliers and informed they have changed their bank, requesting they amend the direct debit to reflect this.
Sam Hancock, Cyber Protect Officer for Leicestershire Police, said: “It’s not always businesses who fall victim to this type of fraud. Individual’s online bank accounts can also be hacked into and monthly payment details altered so that the money is transferred to the fraudster’s account.
“Fraudsters have also been known to claim they are calling from an organisation you have a standing order with and they request that you change the order to reflect a change in their banking.
“The standing order mandate is changed accordingly but the following month the organisation fails to deliver your products or a membership has been cancelled due to payment not being received. That money has ended up in the hands of the fraudster.”
If you are a business verify all invoices, as well as requests to change bank account details. To check a request is legitimate, contact the supplier directly using established contact details you have on file.
Access to sensitive financial information should be carefully controlled. Don’t dispose of confidential documents without shredding them first.
Check your bank statements regularly for any suspicious transactions. If you notice anything unusual, notify your bank immediately.
Mr Hancock said: “To protect important accounts, such as email, social media and shopping accounts, we very strongly advise applying #2FA (two factor authentication) to your account settings.
“This simply means when logging in, it will require an extra check in addition to the password, so even if a criminal knows your password, they won’t be able to access your accounts, as they will not be able to complete the second factor of logging in. For more information, visit https://www.ncsc.gov.uk/guidance/setting-two-factor-authentication-2fa Rebecca Hinchcliffe is a fraud investigator in the force’s Economic Crime Unit. She said: “We have had reports of a number of businesses falling victim to BEC. In some cases there have been losses of more than £1m.
“As a result of such losses some businesses can’t afford to continue, they have shareholders who lose faith in the business, suppliers decide they can’t trust the business as they don’t have sufficient controls in place and this may also lead to arguments between suppliers and businesses about whose system was compromised some even resorting to litigation.
“One recent case which resulted in a successful conviction in December last year related to an individual who tricked a house buyer out of a £55,000 deposit for his new home after hackers diverted the funds into a money launderer’s account.
“Fraudsters carried out the scam by accessing the email account of the victim’s conveyancing solicitor and sent a bogus message giving him details of where to send the payment. The defendant was jailed for 18 months and will also be the subject of further court proceedings under the Proceeds of Crime Act.
“If you have been the victim of a similar offence and haven’t reported it we would advise that you do so. In the first instance contact Action Fraud who will log the report and allocate it to the relevant police force.”
Further information and advice can be found on the Action Fraud website www. actionfraud. police. uk/ mandate-fraud