UK Finance’s Take Five To Stop Fraud campaign has warned SMEs to be vigilant against email and text scams.


What are these scams?

Scams come in various forms and utilise varying methods, but they all have the same goal in mind – to gather card and bank account details for fraudulent use and theft.

The way the majority of scams do this is through impersonation. Some are clichéd, trying to play on your sympathy by impersonating a mourner wishing to sort out a large amount of inheritance. Many are more cunning than this, however, and impersonate suppliers, service providers, or automated sales systems from major retailers. These scams are far more convincing, and far more successful. UK Finance figures show that in the first half of 2021, businesses lost £59.2 million to these types of scams.

In a survey conducted for the Take Five to Stop Fraud campaign, 80% of SMEs said they had received unsolicited text or email requests for money and personal information.

Common scams targeting businesses include:

  • CEO scam: criminals impersonate a boss or a senior manager to convince staff to make an urgent payment outside of their business’s internal procedures. Sometimes they gain access to a business’s email account by hacking, or use spoofing software to email a member of the finance team with what appears to be a genuine email from their boss or a senior manager.
  • Invoice and mandate scams: criminals pose as regular suppliers and convince the business to change the bank account details it holds on file for them. The business is then tricked into sending money to an account controlled by a criminal rather than the genuine supplier.

How do I avoid being scammed?

The Take Five to Stop Fraud campaign was made to urge businesses to take 5 minutes to remember that criminals are becoming more and more convincing at impersonating people or businesses that you trust. They’re just waiting for you to let your guard down. You should always follow these three steps:

STOP: Taking a moment to stop and think before parting with your money or information could keep you safe.

CHALLENGE: Could it be fake? It’s ok to reject, refuse or ignore any requests. Only criminals will try to rush or panic you.

PROTECT: Contact your bank immediately if you think you’ve fallen for a scam and report it to Action Fraud.

Useful tips for spotting scams:

Order on Hold
To: John Doe <john.doe@gmail.com>
From: Amazon Customer Support <support@arnazon.com>

The sender address may look correct at first glance, but it actually says ARNAZON rather than AMAZON.

Always check carefully for lookalike URLs, as they can quite often trick the reader.

Here are some examples of lookalike URLs:
goog0le.com
11oydsbank.com
amo.zon.com

Your Amazon vouchers worth £100 will expire in 3 days. Login to use them now: https://rroll.to/IQkfsu

URLs that look like a random string of letters are likely to be nefarious.

However, URL shortening is also a practice used by many legitimate companies, such as the following:
youtu.be (YouTube)
t.co (Twitter)
fb.me (Facebook)

As you can see, these legitimate short URLs typically bear some resemblance to the name of the company involved.

HMRC Refund: You have an outstanding tax rebate of £357.14 which can now be claimed. Follow instructions to claim: https://tax.hmrcrefund.com/

The URL is not from a legitimate government website. All government website domains end in gov.uk, so links that do not end in this should not be trusted.

e.g. hmrc.gov.uk, birmingham.gov.uk and so on.

Royal Mail: Your parcel has been redirected to your local Royal Mail Delivery Office due to an unpaid shipping fee. To reschedule this delivery please visit: https://unpaid-fees.royalmail.biz/

The top-level domain (TLD) for the URL is .biz rather than the Royal Mail’s actual TLD of .com.

.biz and .net are very commonly used for unscrupulous and/or criminal activity.

Whenever you receive a text or email claiming to be from a reputable company, enter the company’s name into your search engine of choice, and check if their website URL matches that in the text. If it doesn’t, don’t risk it!
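The checks above can also be automated, for example in a mail filter or a finance team's helpdesk tool. The following is an added example, not part of the Take Five campaign material: it compares a sender address or link with the brand a message claims to come from, and the `OFFICIAL` allowlist, function names and verdict labels are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed allowlist (an assumption): brand keyword -> domains that brand really uses.
OFFICIAL = {
    "amazon": ("amazon.com", "amazon.co.uk"),
    "google": ("google.com",),
    "lloydsbank": ("lloydsbank.com",),
    "royalmail": ("royalmail.com",),
    "hmrc": ("gov.uk",),  # the article's rule: government sites end in gov.uk
}

def host_of(value):
    """Return the lowercase host from a URL, an email address or a bare domain."""
    value = value.strip().strip("<>")
    if "://" in value:
        return (urlsplit(value).hostname or "").lower()
    return value.rsplit("@", 1)[-1].lower().rstrip(".")

def edit_distance(a, b):
    """Levenshtein distance: single-character inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(value, brand):
    """Compare a sender address or link with the brand the message claims to be from."""
    host = host_of(value)
    if any(host == d or host.endswith("." + d) for d in OFFICIAL[brand]):
        return "official"
    # Drop the TLD, then dots and hyphens, so "amo.zon.com" is read as "amozon".
    raw = re.sub(r"[^a-z0-9]", "", host.rsplit(".", 1)[0])
    if brand in raw:
        return "wrong-domain"  # real brand name on a domain the brand does not use
    # Undo common character swaps: "rn" for "m", "0" for "o", "1" for "l".
    skeleton = raw.replace("rn", "m").replace("0", "o").replace("1", "l")
    if brand in skeleton or edit_distance(skeleton, brand) <= 1:
        return "lookalike"
    return "unrelated"  # e.g. an opaque short link: still not the brand's domain

if __name__ == "__main__":
    for value, brand in [("support@arnazon.com", "amazon"),
                         ("https://unpaid-fees.royalmail.biz/", "royalmail")]:
        print(value, "->", classify(value, brand))
```

Any verdict other than "official" means the address or link does not match the claimed sender and should be verified through a known-good contact before anyone acts on the message.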
