As part of our commitment to ongoing excellence in Information Technology (IT) Paterson Simons is completing an audit as part of the UK Government sponsored Cyber Essentials Certification scheme.
Due to this, we are educating our stake holders, customers, and our group staff on this important issue – please note the below critical information about protection against mandate fraud.
WHAT IS MANDATE FRAUD?
Mandate fraud takes place when someone gets in touch claiming to be from an organisation you regularly pay such as a supplier, membership or subscription service. They make a request that a bank transfer mandate is changed. After payment is made the fraud is complete. This crime is always changing and can be done online.
NOTE: BANK ACCOUNT DETAILS CHANGE SCAMS ARE ON THE RISE
Avoiding mandate fraud is crucial in protecting oneself and their assets from financial scams.
We have unfortunately noticed an increase in email scams recently in our industry and network. Please be aware of criminals posing as Paterson Simons staff requesting payments to be made to new/different bank accounts.
BE AWARE OF EMAIL FORGERY AKA EMAIL ‘SPOOFING’
Criminals will forge an email to make it appear that the email has been sent by someone, for example, someone from Paterson Simons. This is known as email ‘spoofing’.
Either the name and address of the email sender is a forgery, or perhaps just the name.
This is to trick victims (you) into payments into different back accounts, in order to defraud your business. These email scams are unfortunately well designed to appear authentic – using text content, invoice documents and email signatures that appear to be real.
STAY AWARE AND VIGILANT – FOLLOW THESE STEPS TO HELP PROTECT YOURSELF AGAINST EMAIL FORGERY:
-Verify All Bank Account Changes: Never authorize any transaction or request to change bank account details from Paterson Simons without adhering to your internal processes. Ensure multiple sign-offs and reviews to strengthen the “separation of duties” checks, as emails can be easily spoofed and should not be solely trusted.
-Avoid Making any changes in a rush: Never feel pressured or hurried into making changes. Cyber criminals exploit fear and urgency to trick victims.
-Break the Chain: In case you receive an email requesting a bank account change, take extra caution by verifying its authenticity. Reach out to a trusted Paterson Simons contact through an alternate communication method, such as their telephone number. Do not use any contact details provided in the suspected scam message. By “breaking the chain,” you can help prevent falling victim to the scam. Paterson Simons will never accept email instructions to change bank account details without an additional verification.
-Report Incidents: If you encounter any suspicious activity or become a victim of a scam, immediately inform your local IT & Finance Teams and your bank. Additionally, report the incident to law enforcement and relevant government agencies to aid in the battle against cybercrime and protect others from similar threats.
-Educate Your Staff: Regularly provide User Education & Awareness Training for your employees, particularly focusing on popular scams like email scams and phishing attempts. Conduct targeted training sessions for your Finance Teams to keep them informed about these scams.
-Strengthen Technical Controls: Implement robust technical controls on critical systems, including email, such as Multi-Factor Authentication (MFA) to add an extra layer of security
We encourage you to stay aware and increase your cyber resilience.