Insights

New examples of fraudulent emails (also known as phishing emails) are doing the rounds currently and we have received reports from two clients that have been targeted with one particular scam.

Companies should be wary of emails purporting to come from senior colleagues requesting for payments to be made. For example, in one instance, an email was received by an accounts payable officer from the ‘Finance Director’ at the company, authorising an urgent payment to a particular organisation and providing the transfer details – sort code and account number.

These emails look very plausible, especially given that real named individuals are involved. It’s very easy to unwittingly complete the request and make a payment. However upon closer examination, most bogus emails feature some common traits:

• Different tone of communication style by the sender to their normal style;
• Request that payment is made immediately – to secure a contract or new project;
• Transfer details of the bank which can be investigated;
• The sender email address may not correspond directly with company email conventions although the sender’s name is listed to appear genuine.

Recommendations

We would recommend to all companies they

• Double check all requests for payments received by email correlate to a genuine invoice;

• Ensure all persons who set payments up on the online banking system are different to the persons who authorise payments. This results in another level of checking and safeguard.

If you are concerned about this issue or want to discuss your accounting processes please contact Simon Paterson at sp@rjp.co.uk