Gone phishing: fraudsters taking advantage of new working processes

Published: Tuesday 23 June 2020

With the recent rise in people working from home and getting used to new working processes, many banks and financial organisations are seeing an increase in the number of businesses and individuals being targeted by fraud.

Typically, emails are sent that either:

  • appear to come from a genuine supplier requesting and invoice payment; or
  • appear to come from someone within the recipients own organisation, requesting a payment to be made or account details to be changed.

These emails will usually come from a fake email account made to look almost identical to the real account, or the real account may have been hacked and, therefore, the emails comes from the genuine account.

The majority of organisations will have processes in place to mitigate against such eventualities; for example, independently verifying all requests to change bank account details with a party on either side of the transaction. However, as we discussed in our recent article ‘Reviewing internal controls for new working processes’, control slippage may have occurred due to staff furloughing, new people conducting tasks they would not normally do, work pressures and new working from home processes.

The ICO has produced a list of top ten tips for working securely from home, which could prove invaluable as part of introducing new remote working practices.

If you are looking for advice on managing your internal financial controls, please get in touch with Julian Gaskell at julian.gaskell@hazlewoods.co.uk or 01242 680000.

Key contacts

Julian Gaskell
Julian Gaskell
View profile