The fraud is sophisticated because:
• Email addresses on letters may use extensions similar to that of the genuine company, but are in fact bogus
• Fraudsters are known to telephone the company they are targeting (a practice known as ‘vishing’) to ask for contact names, so that the correct ones appear on any communication
• Signatures and other information are obtained from legitimate public sources to add further credibility to the scam
• Letters are likely to use the same logo, letterhead and style as the genuine company and look authentic.
• All requests for payment or to amends to payment details should be independently validated before acting on the instruction
• It is essential that you alert any staff with access to financial systems, those who handle payments or whose role involves dealing with any changes to client contact details to the above threat
• Closely scrutinise all requests for payment
• Contact the supplier or creditor to independently validate requests for payment, or to amend bank details, using contact information that is known or that has been obtained independently e.g. existing records within your business or Directory Enquiries
• Do not amend any payment details or instruction, until you are entirely satisfied with the authenticity of the request.