Blog Layout
Invoice fraud and CEO spoofing
Jun 08, 2020
If you stop and think about it, you already know how to beat invoice fraud and CEO spoofing.
It’s not hard for fraudsters to find out business invoice details (even down to payment dates) and then pose as regular suppliers.
You know if the ‘supplier’ contacting you might not be your supplier. You know you should always validate requests to change payment details. You know if something in the request doesn’t quite add up.
If you receive an email from your CEO or another senior member of staff asking you to make an urgent payment outside of normal procedures, don’t automatically follow their lead.
You know if the ‘CEO’ emailing you might not genuinely be your CEO. You know if something in their tone or request doesn’t add up, or if something they’re asking doesn’t feel right. You know you should always validate requests to change payment details.
It’s just that when you’re busy, or under pressure, it’s easy to forget this.
By following some simple steps you can beat the fraudsters:
- Don’t assume an email or phone call is authentic. Are they who they say they are? Is it really one of your suppliers? Is it really your CEO? Take time to think. Take time to check.
- Are they supplying the right information? It’s easy for a criminal to pose as your supplier and ask you to change bank account details, or pose as your CEO, emailing to ask you to make an urgent one-off payment. It’s also easy for you to call your real supplier, or your CEO and check!
- Listen to your instincts – you know if something doesn’t feel right. If it feels wrong then it probably is. If you suspect a request isn’t from your genuine supplier, always question it. Always validate requests to change payment details or make one-off payments. Take time to call them back on a number you’ve used before.
- Don’t be rushed or pressured into making a decision. Remember to stop and take time to carefully consider your actions.
Share this news story...
International Fraud Awareness Week (IFAW) 2024 takes place from 17-23 November, and SAFE continues to support this global effort to minimise the impact of fraud by promoting anti-fraud awareness and education. Fraud and cybercrime account for over 40% of all crime in England and Wales, affecting more people, more often, than any other crime. The social and economic cost to individuals is estimated to be in excess of £4.7 billion a year. So don’t wait until #fraudweek to become a fraud fighter!
According to data from Action Fraud, the national fraud and cybercrime reporting service, more than 33,000 people had their social media or email accounts hacked in the 12 months to August 2024, and victims lost a total of £1.4 million. Fraud is now the most commonly experienced crime in the UK, with 1 in 17 adults falling victim to fraudsters. The National Fraud Intelligence Bureau indicate that 80% of fraud is cyber-enabled. October is Cyber Security Awareness Month, an international initiative that aims to educate everyone about cyber safety. To mark the event, Action Fraud and NHS England have launched awareness campaigns to remind people that there are simple ways to protect themselves and our NHS from online threats.
Following the submission of a successful bid, SAFE are proud to be included in the YPO Internal Audit and Assurance, and Counter Fraud Investigation Services Framework. Beating stiff competition, our bid was the highest scoring in Lot 3: Counter Fraud Investigation Services. YPO is one of the largest public sector purchasing consortiums in the UK, and the inclusion of SAFE on the framework means that the following organisations can easily access our award winning, cost-effective services: • Local authority councils, • Educational establishments, • Police, fire and rescue, maritime/coastguard agency emergency services, • NHS bodies, the HSC (Northern Ireland) and ambulance services, • Central government departments and their agencies, • Registered charities, • And more, full list available here .
