Being aware of common threats, knowing how they work and what to look out for can help protect your business against falling victim to fraud.
Here are some of the common techniques fraudsters attempt to use to trick you into giving away your business information, banking details or even access to your computer.
If you’re calling from the UK, calls to 0800 and 0808 numbers are free from landlines and mobiles; calls to 03 numbers cost the same as calls to numbers starting with 01 and 02; calls to 0845 and 0870 numbers cost 3p per minute, plus your phone company’s access charge; calls to 0844 and 0843 numbers cost 7p per minute, plus your phone company’s access charge. Charges for calls made outside of the UK will be determined by your local provider.
Calls may be monitored or recorded for security and training purposes.
Scam messages can be very convincing and are popular with fraudsters. Fraudsters will deliberately mimic the contact details of the Bank, Police or other trusted companies to hide their true identity.
Scam messages will often imply a sense of urgency encouraging you to act fast, e.g. to call a phone number included in a text message to stop a fraud payment or include a request for personal information, or banking details such as password or security credentials.
Scam messages can lead to you speaking to fraudsters, who may try to trick you into providing account security such as; verification codes or token codes to move money out of your account without you realising. Remember we will never ask you to provide verification codes or token codes over the phone.
Some scam messages will contain links or attachments which, if accessed, will take you to a fake website that prompts you for your online banking details. The fraudsters then use your details to access your account(s) and steal your money.
Accessing fake websites or opening attachments in scam messages may install malware, a type of malicious software. This steals information and can be so sophisticated that it can work in the background to move your money, or trick you into believing that you've been unsuccessful in logging onto your online banking page and prompts you to re-enter your security details, which the fraudster captures.
Fraudsters may even try to trick you into allowing them access to your computer to steal your money.
All businesses, regardless of size, can become a victim of fraud. To protect your business from this threat always verify a request to change bank payment details. Contact your supplier directly using established contact details, before implementing the change or completing the payment.
If you hold a business account with us and think you may have fallen victim to an invoice redirection scam contact us immediately.
Fraudsters will do their research. They will often be aware of the detailed relationships between businesses and their suppliers and know when regular payments are due.
Fraudsters may attempt to intercept genuine invoices and change the bank payment details.
Alternatively, they may contact the business by telephone, email, letter or fax, posing as a trusted supplier to make a formal request to change the bank account payment details held.
If the business does not validate the change and settles the invoice, the funds go to an account that the fraudster has access to.
The fraudulent payment is then quickly transferred, often to outside of the UK, making the recovery of funds extremely difficult.
Often the business does not realise they have been scammed until the genuine supplier chases for non-payment, in some cases this can be weeks or even months later. At this point, it is virtually impossible for the business to get the stolen funds back.
Alternative reports of this scam have included fraudsters falsely claiming to be a senior member of a business, providing account details and instructing an urgent payment to be processed. If the business completes the request, the funds go to an account the fraudster has access to.
Any unexpected requests to change or update payment details for a regular supplier.
Whether made by telephone, email, letter, or fax, if your business is contacted ‘out of the blue’ to amend bank payee details always treat this as a potential warning sign.
Any unexpected, urgent payment requests made via email, text or fax, which supposedly appear to have been made by an internal senior member and provides account details.
If you hold a business account with us and have fallen for an invoice re-direction scam recently or may have received a fraudulent request, contact us immediately.
If you don’t bank with us and have lost money to an invoice re-direction scam report it to Action Fraud, the UK’s national fraud reporting centre at www.actionfraud.police.uk or by calling 0300 123 20 40 (Call Charges).
More information about protecting your business from fraud is available in the scams booklets below.
Information is also available by visiting the Financial Fraud Action website.
Criminals often pose as employers, contacting you online or in person with offers to "earn from the comfort of your own home" or "make easy cash, with no experience necessary".
The scam works by a participant being asked to receive money into their bank account and then to transfer it to another account, keeping some of the cash for themselves.
Students, people who are unemployed, new residents to the country or anyone in financial hardship are often the most at risk to this type of scam.
If you transfer money through your account that is from the proceeds of crime, you're a money mule. Even if you are not directly involved in the crimes that generate the money paid into your account.
If you fall for this type of scam and move money on, you are acting illegally and could be prosecuted and imprisoned for up to 14 years.
Your bank account will be closed and you will have problems applying for credit, loans or mobile phone contracts in the future.
If you think that you may have revealed your security details, fallen victim to fraud, or notice any unusual activity on your account, please contact us immediately on:
If you have seen a scam email claiming to be from us, please let us know by forwarding it to email@example.com