Throughout the Covid-19 pandemic, businesses have experienced an increase in the level of fraudulent activity. Many firms have moved their business activities online and with more employees now working from home, there are increased opportunities for fraudsters to target them.
Example: Invoice Fraud
Invoice fraud is on the rise and while not a particularly new scam, it can be catastrophic for businesses who fall victim to it. Invoice fraud occurs when a fake email address is used to contact a business, pretending to be one of the firm’s suppliers The emails tend to mimic those that the firm usually receives from suppliers, including logos and signoffs. The email will tend to instruct the firm to direct future invoice payments to a different bank account. When the firm receives the next legitimate invoice, they will unwittingly make the payment to the fraudsters bank account. Even if the funds are recalled through your bank, there is no guarantee that the funds can be recovered.
The best way to protect your business against fraud is to educate your staff. Your firm should deliver regular training sessions to all staff on common security threats (online and offline) as well as prevention measures that they can implement. Training should include case studies which show how to spot a fake email address and all staff should be trained to question any request from suppliers regarding changes to payment details and so forth.
Example: HMRC phishing
HMRC will only ever phone you about an issue that you are already aware of, and they do not use messaging apps such as WhatsApp, so if you receive unexpected calls or any form of text from them you can safely ignore these. Please do take a moment to report these to HMRC who have compiled a comprehensive list of all current phishing scams here. If you receive an email or letter purporting to be from HMRC, and you want it verifying, please get in touch with us and we’ll be happy to look it over!
The next step to defending your business from fraud is to focus on defending your firm’s systems and data effectively. These days, most financial transactions take place online, so put appropriate systems and processes in place to prevent fraud. Your firm should also invest in an up-to-date cyber security software package including a firewall, data encryption, automatic back-up of all data and password management. Don’t forget to secure your website either, as there are hundreds of thousands of attacks on websites every day, and your website can contain a surprising amount of sensitive data, particularly if it is enabled for e-commerce.
Defending your business from fraud is a mixture of using common sense, providing staff training, and investing in security. Get all three right and you can be confident that your business is secure.