A client nearly fell victim to an email fraud and we thought we should alert you to this. This is how it works:
1. The fraudster gains access to the email account of someone in the finance department of the customer (you) – this could be the Financial Controller in your company.
2. The fraudster monitors incoming emails from suppliers to you – in this case, an incoming email with an invoice for payment.
3. The fraudster intercepts the email and creates a new version that looks genuine, with a request to change the bank details. The bank details on the attached invoice may also be changed – even if the real invoice is a PDF.
4. The email may be forwarded to accounts payable from the compromised account – in this case by the Financial Controller.
5. The bank account details are changed and the fraudster is paid, not the genuine supplier. You still owe the genuine supplier.
Never change a supplier’s bank account details on the basis of an email request – always verify.
A follow-up to the fraud alert.
This is to protect you from fraudulent changes to your bank account details arising from the email fraud described above (i.e. where you are the supplier rather than the customer).
1. Inform your customers that you will never request a change to your banking details by email. For my part, I will never request you change my bank details by email.
2. Tell your clients that if they receive any correspondence, including emails, announcing a change in bank details, they should contact you personally by phone and verify your banking details before they pay.
3. Remove your bank account details from your invoices. I shall be doing this from future invoices (for work in August 2019 onwards).
Author: Peter Hedgethorne, Director, Plus Accounting