
Email scam targets finance department staff

20th Oct 2015

IT security firms are warning businesses of a new email scam in which fraudsters impersonate a senior company leader to deceive finance department staff into transferring money.

According to intelligence from Financial Fraud Action UK, the criminal sends an email to a member of staff in a company’s finance department that appears to be from a senior colleague, such as the finance director or chief executive.

To make the email appear genuine, the fraudsters use software to manipulate its appearance, including the sender’s address, so that the fake email shows up in the recipient’s inbox in the same way as a regular email from the same contact.

The content of the email varies, but it often requests an urgent payment to be made outside of normal payment protocols, usually giving a pressing reason such as the need to secure an important contract.

However, the account to which the payment is made is controlled by the fraudster, and upon receipt of funds the money is withdrawn, often in minutes.

Commenting on the scam Katy Worobec, director of Financial Fraud Action UK, said: “Fraudsters will do all they can to make these scam emails look genuine, so it’s important for finance teams to carefully check any unusual demands for payment through an alternative method, such as over the phone or face to face, before making the payment.

“While an urgent request from the boss might naturally prompt a swift response, it should in fact be a warning sign of a potential scam”, said Worobec.

Many of these emails state they have been sent from smartphone or tablet devices, and criminals have often hacked the genuine email accounts of senior staff, often on web-based services, before sending the fraudulent emails.

Criminals use publicly available information to gain knowledge of target companies, such as the names of senior staff.

Advice on avoiding this scam

Always check unusual payment requests directly, ideally in person or by telephone, to confirm the instruction is genuine. Do not use contact details from the email.

  • Be suspicious of any request to make a payment outside of the company’s standard process
  • Be cautious about any unexpected emails which request urgent bank transfers, even if the message appears to have originated from someone from your own organisation
  • Ensure email passwords are robust

The communication style, such as the wording or language used, may also differ from what is normally seen or expected from the person who has supposedly sent the email. In many cases with this particular scam, the grammar has been poor or the message has featured unusual phrases, for example:

  • “write me back”
  • “I need you to take care of a financial obligation”
  • “let me know when you are on seat in the office”
  • “I will send you the expenditure details for proper coding later today”

Replies (5)


By Jackie0802
20th Oct 2015 20:00

We got this yesterday

One of my staff got an email that appeared to come from my email address, using her first name too.  It asked her to make a payment of £16,700 into a NatWest bank account. In line with policy she asked for some supporting paperwork so the scam came to light, but it looked very genuine. 

Thanks (1)
By Tom Herbert
21st Oct 2015 08:53

Thanks...

... Jackie0802. Although obviously not good you've been targeted, it must be pleasing to know your policies work. It does seem like these sorts of scams are becoming slightly more sophisticated.

Thanks (0)
By Jackie0802
21st Oct 2015 09:59

The scammers

Definitely have inside information. They knew the right person to address the email to and the right authority figure from. Another one is emails notifying changes to suppliers' banks. Bearing in mind that it's only the numbers and not the names that count in automated bank transfers this scam is very successful.

Thanks (1)
By Klandrews
22nd Oct 2015 10:56

Common occurrence

We have had several of these come in to our organisation.  They appear legitimate but often if you click reply you'll see a completely different email address.  Fortunately we never make payments out of the run of the normal day-to-day process but for someone new to the organisation I can see how easily it could be mistaken for a true request.

I do disagree about the inside information though.  It is very easy to find out who the senior people in the organisation are by calling up and asking questions - "could you tell me the name of your CEO - I want to write to him/her?".  In the same way it's easy to find out who the people in finance are. 

We have to stay alert as nothing is as it appears any more.

Thanks (1)
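The two warning signs described on this page, the unusual phrases listed in the article and the different address that shows up on reply noted in the comment above, can be checked automatically before a message reaches the finance team. The following is an added example, not code from the article or its commenters; the function names, the payment and urgency keyword lists, and both sample messages are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Phrases the article quotes from emails seen in this scam.
SCAM_PHRASES = (
    "write me back",
    "i need you to take care of a financial obligation",
    "let me know when you are on seat in the office",
    "i will send you the expenditure details for proper coding later today",
)
# Assumed keyword lists (not from the article); tune to your own mail.
PAYMENT_WORDS = ("payment", "bank transfer", "chaps")
URGENCY_WORDS = ("urgent", "immediately", "as soon as possible")

def _domain(header_value):
    """Return the lower-cased domain of the address in a From/Reply-To header."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def review_email(raw):
    """Return a list of warning flags for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    body = " ".join(part.get_payload() for part in msg.walk()
                    if part.get_content_type() == "text/plain")
    # Collapse whitespace so phrases wrapped across lines still match.
    text = " ".join(f"{msg.get('Subject', '')} {body}".lower().split())
    flags = []
    reply_domain = _domain(msg.get("Reply-To"))
    if reply_domain and reply_domain != _domain(msg.get("From")):
        flags.append("reply_to_mismatch")  # replies would go to another domain
    if any(p in text for p in SCAM_PHRASES):
        flags.append("scam_phrase")
    if any(w in text for w in PAYMENT_WORDS) and any(w in text for w in URGENCY_WORDS):
        flags.append("urgent_payment")
    return flags

# Constructed sample messages (not real mail).
SPOOFED = (
    "From: Finance Director <fd@company.example>\n"
    "Reply-To: fd.office@webmail.example\n"
    "Subject: Urgent payment\n\n"
    "I need you to take care of a financial\nobligation today. Write me back.\n"
)
ROUTINE = (
    "From: Colleague <colleague@company.example>\n"
    "Subject: Team lunch\n\nAre you free for lunch on Friday?\n"
)

if __name__ == "__main__":
    for name, raw in (("spoofed", SPOOFED), ("routine", ROUTINE)):
        print(name, review_email(raw))
```

A flag is a prompt for the phone or face-to-face confirmation the article advises, not a verdict; a message sent from a genuinely compromised account may raise none of them.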
By philh74a
22nd Oct 2015 17:02

Vigilant

I had a few of these CHAPS requests pertaining to be from a Director to me. They must have done some homework to establish the correct relationship.

Our policy is to always gain verbal authorisation for these CHAPS and, also, for bank details changes, to phone the supplier (to the supplier's number in the system, not on the letter) to get confirmation it is genuine.

I did respond to an email a month ago playing along (they say you shouldn't do this but I wanted to flush them out). The bank account they wanted the money paid to was Lloyds in West Brom. All info was passed on to Action Fraud which I hope enabled them to find the person through bank records.

Make sure you report all instances to Action Fraud - they do take it seriously.

Remember they only need to be successful once- I recall the company who lost £1m to a scam - http://www.telegraph.co.uk/news/uknews/crime/11878125/Business-scammed-i...

Thanks (1)