Author Profile Picture

Nick Lindsay

Elemental CoSec

Director

googletag.cmd.push(function() { googletag.display(‘div-gpt-ad-1705321608055-0’); });

Challenging fraud

default-16x9

A member of your accounts team receives an e-mail from a supplier giving a change of bank details.

What do they do next?

In another scenario an urgent request comes in to the accounts department from an executive asking for an immediate payment to be made to a new supplier.

What happens next?

If the answer to either of those above cases is that the request will be actioned straight away then it is time for some urgent retraining. Unchecked and unverified requests such as those above are quite simply open invitations for fraud.  Or to quote Federation of Small Businesses National Vice Chair Policy and Advocacy Martin McTague: “Only by raising awareness of these sorts of fraud cases will we stand a chance of protecting small businesses for the future.”

Martin McTeague’s comments arose as part of a publicity drive by UK Finance’s ‘Take Five to Stop Fraud’ campaign. Highlighting that small businesses face almost four million cases of cybercrime each year, research by the campaign also revealed that 16% of SMEs would not challenge requests for payment or confidential information. With that in mind, what should companies be doing to identify and turn aside potentially fraudulent approaches? The Take Five campaign suggests a couple of simple steps.

  • Stop. Particularly when you are busy it can be all too easy to simply take requests at face value. That way you can deal with them and move on to the next item on your list. But doing so can let criminals in. So whenever a request to make an urgent payment, reveal sensitive information, or change bank details comes in, the correct procedure is to pause before acting.
  • Challenge. The second step is to take time out to challenge the request. Genuine businesses won’t mind being asked for independent verification. So pick up the phone to a known contact and check that the request is genuine.

They are simple steps but they could just save the business from handing over hard earned cash to fraudsters. However, don’t simply rely on a quick training session which encourages your people to stop and challenge. Remember that they may have to check with senior executives or other organisations. So help them to help your business. A quick course in telephone techniques which includes effective conversation and managing challenge could give your people the confidence to make those phone calls. As the Small Business Commissioner, Liz Barclay, said: “Please, please take nothing at face value and check with anyone you need to pay before responding to texts, emails or calls. We need to make it impossible for the scammers to scam us.”

Author Profile Picture
Nick Lindsay

Director

Read more from Nick Lindsay