31 3月 Be alert – don’t fall for scams
When is a communication from Companies House not a communication from Companies House? No it’s not a trick question; just a reflection of a recent communication from Companies House warning businesses to be careful when they receive letters which appear to come from that body.
The specific warning relates to letters or emails which purport to come from Companies House, asking for a fee in order to stay on the register of companies. The correspondence may quote the official company registration number and other publicly available details but that doesn’t mean that it has come from Companies House. As the warning comments: “The people sending the communications may have a register, but it isn’t the official registry for limited companies in the UK.”
This is only one of a number of scams and attempted frauds which are going the rounds at the moment. Fraudsters are becoming increasingly sophisticated, using publicly available details to add realism. More worryingly, phone numbers and e-mail addresses can also be disguised to look as though the communication comes from a genuine source.
In our last article we looked at managing risk. The potential to be scammed is one risk which every business faces. Managing the risk of fraud starts at the top with a strong lead from the board and the executive team. Creating a culture of fraud awareness is as much a part of the Corporate Governance remit as planning the future or ensuring the annual report presents a fair picture.
So what can organisations do to protect themselves? Whilst the measures used will vary according to the business model simple steps may include:
- Don’t take anything at face value. If anyone in the team receives a change of bank details from an existing supplier make it standard practice to pick up the phone and check with a known contact that the change is correct.
- Be wary of first time payments. When paying a new supplier firstly ensure the bank details are correct by checking with a known contact and then send over a nominal sum in the first instance. Again check receipt with a known contact before remitting the rest of the payment.
- Have a robust invoice sign off process.
- Ensure that everyone understands that no-one in any position of authority would e-mail or text to request an urgent payment, particularly to an unknown bank account.
- Never give out passwords, bank details or other confidential information via e-mail or text and only on the phone if the caller is known and authorised to have that information.
- Never click on an e-mail attachment unless you are 100% certain it comes from a known and trusted source.
Fraudsters understand the human mind. They create plausible stories and prey on a sense of urgency to convince people to act in haste. Don’t let them win or you may just be left repenting at leisure.