Implementing robust procedures is the best way to protect your business against technology-enabled fraud, says Director Teresa Campbell
Technology-enabled fraud is increasingly a concern for businesses. We have previously cautioned against scammers who contact companies requesting credit card details to successfully complete the delivery of a parcel. Delivery companies will never contact you to request payment details – they will either return the parcel or ask for cash on delivery if additional payments are due.
The “2019 Cyber Security Breaches Survey”, published by the UK Government’s Department for Digital, Culture, Media and Sport in April, shows that 32% of businesses identified a cyber security attack in the last 12 months. Where a breach resulted in a loss of data or assets, the average cost of a cyber attack has gone up by more than £1,000 since 2018 to £4,180. DCMS is urging businesses and charities to do more to protect themselves against cybercrime.
In the Republic of Ireland, around one in five SMEs have been affected by invoice redirection fraud according to research carried out late last year by Behaviour & Attitudes for the fraud awareness initiative, FraudSMART.
The research found that the most common types of scam encountered by SMEs are phishing emails (72%), followed by vishing, a phone-based phishing scam (26%), and invoice redirection scams (21%).
Worryingly, over a third of businesses (35%) said that they do not confirm the legitimacy of new bank details from suppliers before confirming a payment.
Media reports in May 2019, highlighted that 132 cases of invoice redirect fraud, or ‘CEO fraud’, involving losses of €4.4 million have been reported to Gardaí this year and that in April 2019 alone, more than €2.2 million was stolen.
To protect against invoice fraud, businesses need to implement robust procedures requiring staff to verify the legitimacy of payment requests. All staff should be alert to the dangers of fraud and those paying invoices should watch out in particular for irregularities such as changes to the account details of vendors.
Telecom fraud is another issue that many businesses encounter. A recently published report by Europol and Trend Micro highlights that this type of fraud is becoming a low risk alternative to traditional financial crime. The “Cyber-Telecom Crime Report 2019” says that the main goal of criminals is to gain access to customers’ or carriers’ accounts where debt can be incurred in the criminal’s favour. The cost of this type of fraud is an estimated €29 billion per annum. According to the report, common fraud methods can be broken into different categories ranging from crude to highly sophisticated scams:
• Vishing calls (where fraudsters trick victims into divulging their personal, ﬁnancial or security information or transferring money.
• One (ring) and cut or Wangiri (where criminals ring once and hang up, tricking victims into calling premium rate numbers if they return the ‘missed call’.
• International Revenue Sharing Fraud (which involves transferring monetary value from one carrier to another, based on the inter-carrier trust between telecom operators).
PKF-FPM runs regular seminars and events to help clients protect their businesses from cybercrime. For further information contact Ashok Thomas in our Belfast office firstname.lastname@example.org
Teresa Campbell l Director