Scam Alert - Payment re-direction scam and how to protect your business

Scam Alert - Payment re-direction

As a business owner, high on your priority list is to protect your assets, employees, reputation and most importantly your customers.

Unfortunately, in this highly technological advanced world, businesses are more and more vulnerable to the scams which can be presented in many forms and guises. It is the adverse effects from scams which can have a devastating effect on your most valuable assets.

The damage done can be significant to your business, including financial and reputational. The scammers are capable of being manipulative in sophisticated forms without you even realising.

You will have heard of many types of cons over the years, whether it be overpayment scams, or fake directories & advertising scams to phishing, malware and ransomware scams. The business world is full of them and there are more being formed daily.

Let’s explore further into one of these scams and look at ways of protecting your business:

Payment Redirection

How this scam works

  • Scammers hack into your supplier email accounts and obtain information such as customer lists, bank details and previous invoices.
  • You receive an email, supposedly from a supplier, requesting an electronic transfer to a new or updated bank account.
  • The scammers either disguise their email address or create a new address that looks nearly identical. The emails may be bluffed by adding, removing, or subtly changing characters in the email address which makes it difficult to identify the scammer’s email from a genuine address.
  • The email may look to be from a genuine supplier and often include a copy of the suppliers business’s logo and message format. It may also contain links to websites that are convincing fakes of the real company’s homepage or links to the real homepage itself.
  • The scam email requests a change to usual billing arrangements and asks you to transfer money to a different account, usually by electronic transfer.
  • The scam is usually not detected until the business is alerted by complaints from genuine suppliers that they have not received payment.

Protect Protect Protect

  • Implement effective management procedures in your business to prevent future scams. SCAM PROOF your BUSINESS.
  • Have a clearly defined process for verifying and paying accounts and invoices.
  • Consider a multi-person approval process for transactions over a certain dollar threshold.
  • Ensure your staff are aware of this scam and understand how it works so they can identify it, avoid it and report it. Share this article with them!
  • Double check email addresses - scammers can create a new account which is very close to the real one; if you look closely you can usually spot the fake.
  • DO NOT seek verification via email – you may be simply responding to the scammer’s email or scammers may have the capacity to intercept the email.
  • If you think a request is suspicious, pick up the phone and call your supplier.
  • DO NOT call any telephone number listed in the email; instead, use contact details that you already have on file for the business, or from an independent source.
  • DO NOT pay, give out or clarify any information about your business until you have investigated further.
  • Confirm that all your IT systems are up to date with security requirements. Perform regular security maintenance on your computer systems to ensure anti-virus, anti-spyware and your firewall are up to date.
 

This is one headache that your business can do without!

If you need help setting up these processes, feel free to contact us