IT security firms are warning businesses of a new email scam, where fraudsters impersonate a senior company leader to deceive finance department staff into transferring money.
According to intelligence from Financial Fraud Action UK, the criminal sends an email to a member of staff in a company’s finance department that appears to be from a senior colleague, such as the finance director or chief executive.
To make the email appear genuine, the fraudsters use software to manipulate its appearance, including the sender’s address, so that the fake email shows up in the recipient’s inbox in the same way as a regular email from the same contact.
The content of the email varies, but it often requests an urgent payment outside of normal payment protocols and gives a pressing reason, such as the need to secure an important contract.
However, the account to which the payment is made is controlled by the fraudster, and upon receipt of funds the money is withdrawn, often in minutes.
Commenting on the scam Katy Worobec, director of Financial Fraud Action UK, said: “Fraudsters will do all they can to make these scam emails look genuine, so it’s important for finance teams to carefully check any unusual demands for payment through an alternative method, such as over the phone or face to face, before making the payment.
“While an urgent request from the boss might naturally prompt a swift response, it should in fact be a warning sign of a potential scam”, said Worobec.
Many of these emails state they have been sent from smartphone or tablet devices, and criminals have often hacked the genuine email accounts of senior staff, often on web-based services, before sending the fraudulent emails.
Criminals use publicly available information to gain knowledge of target companies, such as the names of senior staff.
Advice on avoiding this scam
- Always check unusual payment requests directly, ideally in person or by telephone, to confirm the instruction is genuine. Do not use contact details from the email.
- Be suspicious of any request to make a payment outside of the company’s standard process
- Be cautious about any unexpected emails which request urgent bank transfers, even if the message appears to have originated from someone from your own organisation
- Ensure email passwords are robust
The communication style such as wording or language used may also be different to what is normally seen or expected from the person who has supposedly sent the email – in many cases with this particular scam the grammar has been poor or the message has featured unusual phrases, for example:
- “write me back”
- “I need you to take care of a financial obligation”
- “let me know when you are on seat in the office”
- “I will send you the expenditure details for proper coding later today”
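The warning signs above can be turned into a simple mail triage check. This is an added example, not part of the original article: the function name, the urgency and payment word lists, the Reply-To comparison and the sample messages are assumptions made for illustration, and `example.com` stands in for the company's own domain.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Phrases the article quotes as typical of this scam.
SCAM_PHRASES = (
    "write me back",
    "i need you to take care of a financial obligation",
    "let me know when you are on seat in the office",
    "i will send you the expenditure details for proper coding later today",
)
# Assumed vocabulary for an urgent payment request; tune to your own mail flow.
URGENCY = re.compile(r"\b(urgent|urgently|immediately|asap)\b")
PAYMENT = re.compile(r"\b(payment|transfer|chaps)\b")

def _domain(addr):
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def review_reasons(raw, company_domain, executives):
    """Return reasons a message should be verified by phone before paying."""
    msg = message_from_string(raw)
    name, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    parts = [(p.get_payload(decode=True) or b"").decode("utf-8", "replace")
             for p in msg.walk() if p.get_content_type() == "text/plain"]
    text = " ".join((msg.get("Subject", "") + " " + " ".join(parts)).lower().split())
    reasons = []
    if reply_addr and _domain(reply_addr) != _domain(from_addr):
        reasons.append("reply-to-mismatch")  # replies would go to another domain
    if name.strip().lower() in executives and _domain(from_addr) != company_domain:
        reasons.append("executive-name-external-address")
    if any(p in text for p in SCAM_PHRASES):
        reasons.append("known-scam-phrase")
    if URGENCY.search(text) and PAYMENT.search(text):
        reasons.append("urgent-payment-request")
    return reasons

# Constructed sample messages (example.com and .test are placeholder domains).
SPOOFED = ('From: "Jane Smith" <jane.smith@example.com>\n'
           'Reply-To: jane.smith@example-mail.test\n'
           'Subject: Payment needed\n\n'
           'I need you to take care of a financial obligation.\n'
           'Please make the transfer urgently and write me back.\n')
LOOKALIKE = ('From: "Jane Smith" <office@mailbox.test>\n'
             'Subject: Quick question\n\nAre you at your desk?\n')

if __name__ == "__main__":
    for raw in (SPOOFED, LOOKALIKE):
        print(review_reasons(raw, "example.com", {"jane smith"}))
```

A message sent from a senior colleague's genuinely compromised account passes both header checks, so only the content checks and the phone call remain as safeguards in that case.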
Tom is AccountingWEB's technology editor, providing unbiased news and analysis from the accounting tech universe.
He started with AccountingWEB in the heady days of 2015, where he worked first as business editor and then editor of the site. After two years as editor of ICAEW Insights, he returned to AccountingWEB in 2022 with a specific...
Replies (5)
We got this yesterday
One of my staff got an email that appeared to come from my email address, using her first name too. It asked her to make a payment of £16,700 into a NatWest bank account. In line with policy she asked for some supporting paperwork so the scam came to light, but it looked very genuine.
Thanks...
... Jackie0802. Although obviously not good you've been targeted, it must be pleasing to know your policies work. It does seem like these sorts of scams are becoming slightly more sophisticated.
The scammers
Definitely have inside information. They knew the right person to address the email to and the right authority figure from. Another one is emails notifying changes to suppliers' banks. Bearing in mind that it's only the numbers and not the names that count in automated bank transfers this scam is very successful.
Common occurrence
We have had several of these come in to our organisation. They appear legitimate but often if you click reply you'll see a completely different email address. Fortunately we never make payments out of the run of the normal day-to-day process but for someone new to the organisation I can see how easily it could be mistaken for a true request.
I do disagree about the inside information though. It is very easy to find out who the senior people in the organisation are by calling up and asking questions - "could you tell me the name of your CEO - I want to write to him/her?". In the same way it's easy to find out who the people in finance are.
We have to stay alert as nothing is as it appears any more.
Vigilant
I had a few of these CHAPS requests pertaining to be from a Director to me. They must have done some homework to establish the correct relationship.
Our Policy is to always gain verbal authorisation for these CHAPS and, also, for bank details changes, to phone the supplier (to supplier's number in the system, not on the letter) to get confirmation it is genuine.
I did respond to an email a month ago playing along (they say you shouldn't do this but I wanted to flush them out). The bank account they wanted the money paid to was Lloyds in West Brom. All info was passed on to Action Fraud which I hope enabled them to find the person through bank records.
Make sure you report all instances to Action Fraud - they do take it seriously.
Remember they only need to be successful once - I recall the company who lost £1m to a scam - http://www.telegraph.co.uk/news/uknews/crime/11878125/Business-scammed-i...