Counter Fraud Team alert: fraud incidents

Two schools have recieved emails purporting to be from the Headteacher. Each email requested a change to their personal bank account details for payroll purposes.

The schools identified the emails were fake by selecting “File”, then Properties on the actual emails and looking through the Internet Headers section, which provided details of the actual email account to which any responses would be sent.

Prior to the incidents, both schools had been subject to internal audits, which identified weaknesses in key financial controls. The outcome of each audit was published online and included the following:

• Name of the school
• A summary of findings
• Areas of weakness within the financial controls (which could include payroll).

Our member believes the cyber criminals may have used this publicly available information to target the schools and send the fraudulent emails. It is important to raise awareness regarding this, as the fraudsters may target further schools or departments within local authorities or public sector organisations.

The attempted fraud was reported to KCC Counter Fraud Team at internal.audit@kent.gov.uk.

Actions

Ensure you don’t share your passwords, do not use an easily guessed password as fraudsters will do open-source checks to find out information such as social media.

Whenever you get an email asking for any bank account payment details to be changed, be that staff, contractors, suppliers always check with the contact details you already have with that person or company.

If you notice that a received invoice is different or the payment details are not the same as those on record, check again with the sender that the information is correct.

A phone call is best as if the subjects email or online accounts have been targeted the fraudster may be monitoring them.

Also use a phone number you already have on record and not one that is contained within the email requesting the change, the fraudster will control any phone number they email to you.

Criminals are experts at impersonating people, businesses and the police. They spend hours researching your business for their scams, hoping you will let your guard down for just a moment.

Remember

Stop: If you receive a request to make an urgent payment, change supplier bank details or provide financial information, take a moment to stop and think.

Challenge: Could it be fake? Verify all payments and supplier details directly with the company or individual on a known phone number or in person first.

Protect: Contact your business’ bank immediately if you think you’ve been scammed and report it to Action Fraud online or by calling 0300 123 2040.

Advice can be found on the Take Five website:

• Take Five - general advice
• Take Five - business advice