You may be expecting to make a payment for services or goods that you have received from a legitimate existing supplier, but you have now received contact requesting a payment to new bank account details. Scammers can hijack email addresses or call from reputable numbers, posing as genuine organisations or business associates and even go as far as creating fake invoices. If you’re unsure whether a bill or invoice is genuine, contact the company first through a trusted channel before making any payments.
Advance fee scams
You may be in contact with a new business associate who asks you to make a payment for goods or services in advance, for example paying a property rental deposit or a new supplier for a service they are providing you. Always try to verify the identity of the person or outfit you are sending funds to, for example by looking at reviews online, making sure you get sent invoices, and where possible meeting in person and/or viewing the goods/premises prior to sending the money.
HMRC/law enforcement scams
If you receive a call out of the blue from someone claiming to be from HMRC or law enforcement and they advise that you have an outstanding bill/fine to pay, or that your assistance is required with a police case, please be cautious as this may be a scam. You may be pressured into making a quick decision, threatened with legal action, sent official-looking documents or be told not to tell anyone about the call. If you’re ever approached in this way, hang up the phone and attempt to call back on a number found on a trusted website to confirm if the call is legitimate. In the event that you received the call on a landline, make sure you call back from a different device as fraudsters may keep the line open.
In its simplest form, CEO fraud is impersonation of a company’s Chief Executive (or another senior colleague who can authorise payments).
This fraud usually involves an email being sent to an individual working within finance or accounts at the company, instructing a significant, urgent payment. This can be done via infiltration of the internal email system, or impersonation of the CEO.
During early 2016, it was reported that UK businesses had lost more than £32 million as a result of CEO fraud.