Accountant averts cyber crime

iStock_000061121948_Small_1.jpg

iStock00061121948_Small
Freelance journalist
Share this content
Tags
1

Accountants have warned of fraudsters forging the signatures of finance directors harvested from the companies' annual accounts to authorise bank payments.

A member of the ICAEW recently described an attempted fraud: “The fraudsters managed to find out who was administering our land lines," the ICAEW member said. "They put a call into that supplier pretending to be another director and said that I had asked for the phones to be diverted due to a fault. This divert request succeeded.

The fraudsters then faxed payment instructions to [BANK] using signatures for myself and [NAME] which had been harvested from [COMPANY] annual accounts. These instructions sought to pay £[AMOUNT] from [COMPANY]. The bank, as is standard practice, telephoned the office to speak to me to confirm that authenticity of the payment instructions and because of the divert spoke to the fraudsters. Fortunately the [BANK] contact recognised that it was not me and we were then alerted.”

The sum involved was well into six figures. The ICAEW said that there were faults in the supply chain, for example the telephone company made insufficient checks on the identity of the caller.

Smaller companies are probably more at risk due to the fact that the financial director can be identified easily than large companies because larger companies readily sign-off responsibilities would be devolved across an enterprise, the ICAEW said.

Since the incident the ICAEW member has taken steps to protect his identity; including amending his LinkedIn profile and removing his biography from the company web site, the ICAEW said. 

The ICAEW said that it has raised the matter with Companies House.

Currently there is no legal basis for Companies House to remove signatures from existing submissions, the ICAEW said. In the reported fraud attempt, the use of iXBRL (a standard for reporting financial data that uses labels or 'tags' that computers can interpret) would have prevented the necessary signature from being easily found and reused.

The ICAEW said that an "informal survey" of companies of varying size suggested that there a number of problems with electronic submission to Companies House that should be fixed before it becomes universal. The problems included: the business or practice had not considered the risk of fraud; not all software can handle online filing of company accounts.

"There appears to be a need for further progress before electronic submission to Companies House is universally adopted," the ICAEW said. Until progress is made across a range of issues companies should remain vigilant to this form of cybercrime."

Replies

Please login or register to join the discussion.

Scammers paradise

Although the Companies House Beta is fantastic for doing free company searches, it offers low hanging fruit to fraudsters.

Now peoples full names, addresses, dates of birth, bankers and samples of signatures are all permanently available free of charge to anyone anywhere in the world that cares to look. I dare say that there are boiler rooms full of scammers sifting through Companies House as I type this.

Companies House have made a half-arsed effort at redaction, so dates of birth on annual returns are now incomplete, but it is a poor show that nothing is done about the history.

Thanks (1)