As part of my role as an auditor I am required to ask my clients at the planning stage of an audit what fraud they are aware of and which fraud risks they envisage. Most clients seem to have experienced some form attack, even if on the whole they are unsuccessful.
You can imagine my annoyance when I then got some first-hand experience of a fraud attack recently relating to contracts with companies I had no knowledge of: A new contract for a Tesco mobile, followed by opening an Argos store card using the mobile phone number created, followed by creating a Debenham’s store card with a fake copy of my driving licence!
Thankfully I spoke to all the companies involved and alerted them to these fraud attacks and, as I write, I haven’t suffered any damages other than a large amount of time on the phone.
I would like, therefore, to share some experiences of fraud attacks on companies that I hear when I am with clients and ask you to question whether you are properly protected.
An old trick is an attempt to change supplier bank details by way of a letter received. Companies with good control systems will ensure they call the supplier, preferably to a known contact, to confirm details.
Another common fraud attack is the use of the “bogus boss” email where the finance team gets an email purporting to be from the MD demanding payment immediately to a bank account which the fraudster controls. The advice to thwart such attacks has to be that there is an understanding with both parties that payment instructions don’t flow by email, and if they do, they should be confirmed with a personal call.
Rarer are reports of hackings into bank systems where the standing details are amended between set up of payment and approval due to a long lead time between preparer and approver.
The newest one I have come across is where the fraudster redirects the supplier phone number in unison with a change of bank details. Again, having a named contact to call at the supplier gives you a protection but it is worth setting up a password with your phone provider.
I am always shocked by the number of fraudsters and the resources at their disposal to undertake these consistent barrage of attacks. No doubt with more I.T. reliance and automation the fraudsters will invent new ways to cause havoc but it is the human input and control processes that protect you.
Pick up the phone, speak to people and stay safe!
Blog written by: Nigel Goodman
West London
3 Brook Business Centre,
Cowley Mill Road,
Uxbridge, UB8 2FX
East London
London, E11 1GA
South London
London Bridge
73–81 Southwark Bridge Road,
London, SE1 0NQ
City London
London, EC2M 1JH
We believe we are more than just your average accountancy firm. Our goal at Barnes Roffe is to engage our clients through a proactive relationship, which provides you with the resources and tools you need to enable you to take charge of your finances with confidence.
Tax news, audit news and any new accounting news ... with the help of our topical tips, blogs and key guides you can enjoy the benefit of being regularly informed of business and accounting updates which are likely to be relevant to you and your business.
PLEASE NOTE: By the very nature of this type of information the details of tax law might have changed since they were published, so contact your Barnes Roffe partner before acting on any matter contained in these documents.