Attempted email fraud through supplier payments
An important reminder for all businesses…
Fraud attempts through re-direction of supplier bank details remains a constant threat. Fraudsters use of a similar (but not exactly the same) supplier email address to notify a company of a bank account change with the obvious aim to direct payments for that supplier to the fraudsters account. It’s therefore important that all busineses remain vigilant around all emails, and ensure their staff are aware of this type of bank account redirection fraud. We recommend the following in addition to any other controls you may already have in place:
- Review of the procedures for changing supplier bank accounts, for example requiring a phone call to the supplier to verify the account changes are real and potentially also having director authorisation for the change.
- Consider implementing alerting software on supplier account changes, especially on banking, to notify managers/directors of any changes so these can be checked – alerting can also be used for other data monitoring.
- Ensure that bank details are not used off printed documents – another method used is the intervention of invoices/statements and changing of bank details on these, or the creating of a false invoice looking exactly the same as the suppliers but with the fraudsters bank details on them. As with 1, verify any bank details directly and verbally with the supplier.
- Ensure that you have multi-factor-authentication (MFA) in place on your email systems, and consider moving to solutions like Office 365 if it is not available on your current email system. MFA basically requires a separate code/authorisation to allow logging in to your email from any previously unauthorised device (same as you see on your personal banking).
- Consider using the Sophos Phishing testing service to periodically test users with realistic and up to date phishing threat test emails sent to users. If the user then provide their details through the test, they can be trained/coached on how to avoid them in future, both in business and their personal life.
- Ensure you have suitable off-site backups in place and that these are protecting against Ransomware (which can target backups as well as main systems to prevent restoring) as Ransomware remains an ongoing threat through email phishing and other approaches.
This type of business fraud, along with Ransomware, are massively lucrative so a constant threat to businesses of all sizes so we all need to stay vigilant, ensure our users are fraud aware, on an ongoing basis. Given the significant sums they can gain, fraudsters continue to invest in ever more realistic and clever ways to break user and business security.
Have you experienced something similar?
Find all of the latest business and IT industry news as updates on solutions and software including but not limited to Sage 200cloud, Sage CRM and Realitex200. Follow us on social media to get these updates as they’re announced.
Sage has announced that the Sage 200 Manufacturing module will be retired, with new sales ending on the 1st November 2020 and the module entering extended support from the 1st January 2021.