Protect your business from fraud and scams!
Posted on in Business News, Cycles News
The last few weeks have seen an increase in the level of attacks through beneficiary/payee change requests with fraudsters exploiting payment control weaknesses, so that they can redirect payments to accounts they control.
How it works
Criminals use social engineering to attain detailed information that helps to convince you into making an urgent payment.
They will request payee changes by phone and email instructions, pretending to work for suppliers or a business associate. These instructions appear to be genuine and can be hard to spot, with only the slightest variations to email addresses or correspondence.
Fraudsters can also use sophisticated methods to hack and monitor email accounts and insert fake emails containing new bank account details.
With these particular scams, it is crucial to make sure you have robust internal processes in place and they are adhered to in every instance.
Tips to help you stay safe
Here are some practical security measures to help protect your business and keep your payment control processes robust.
- When receiving bank account details to make a payment, pay an invoice, or as a request for a change of bank details, always call a known contact to verify the request is genuine using details held on file, and not on the instructions received
- Always check for irregularities including changes to supplier names and addresses and changes to invoiced amounts. Ensure staff who process payments and have the authority to change bank details are vigilant and appropriately trained
- Set up dual-authorisation procedures for changes of payment information, so more than one person needs to approve them
- Don't allow staff to be pressured by urgent requests, even if they appear to be from someone senior. Always check with a known contact on a trusted number
- Have a strict payment process in place. Regularly review these internal controls so they are fit-for-purpose.
Useful links
If you have any other queries please contact us.
