Counter Fraud Team alert: change of bank details

An email was received by the HR & CPD Manager requesting a change of bank details for a staff member. However, the email was not sent from the staff member's actual account.  The staff member was contacted  and upon investigation the email did not appear in their sent items. No reply was sent to the fraudulent email and no bank details were changed.  The correct and swift action by the school staff prevented the staff members salary being divered to the fraudsters.

Cantium, the IT support provider, investigated and identified the spoofed domain, which has since been blocked. Cantium confirmed it was a well-crafted spoof email.

The attempted fraud was reported to KCC Counter Fraud Team

Actions

Ensure you don’t share your passwords, do not use an easily guessed password as fraudsters will do open-source checks to find out information such as social media.

Do not click on links from an unexpected email, even if its from a sender you know.  If in doubt check with the sender by phone or Teams first.

Links such as "https://sites.google.com" to review documents should be treated with suspicion, especially if your school does not normally use this facility.

Whenever you get an email asking for any bank account payment details to be changed, be that staff, contractors, suppliers always check with the contact details you already have with that person or company.

If you notice that a received invoice is different or the payment details are not the same as those on record, check again with the sender that the information is correct.

A phone call is best as if the subjects email or online accounts have been targeted the fraudster may be monitoring them.

Also use a phone number you already have on record and not one that is contained within the email requesting the change, the fraudster will control any phone number they email to you.

Criminals are experts at impersonating people, businesses and the police. They spend hours researching your business for their scams, hoping you will let your guard down for just a moment.

You can also carry out Confirmation of Payee check before making an online payment, if required. Natwest have their Bankline platform, reach out to Schools Finance team or The Education People for assistance.

Remember

Stop: If you receive a request to make an urgent payment, change supplier bank details or provide financial information, take a moment to stop and think.

Challenge: Could it be fake? Verify all payments and supplier details directly with the company or individual on a known phone number or in person first.

Protect: Contact your business’ bank immediately if you think you’ve been scammed and report it to Action Fraud online or by calling 0300 123 2040.

Advice can be found on the Take Five website:

• Take Five - general advice
• Take Five - business advice