Business scammed into handing over £1million to bogus caller

A Suffolk company has become the UK’s biggest single victim of a phone scam after being tricked into handing over £1million to a conman masquerading as the firm’s bank. The fraudster managed to convince a member of staff that there was a virus affecting the firm’s internet banking facility. He advised them that the firm’s money should be transferred into separate holding accounts whilst the bank resolved the issue.

He gained the trust of the member of staff and persuaded them to download remote access software to the firm’s computer. This software allowed him to gain access to the company’s accounts and transfer the money. The fraudster managed to make the call seem more authentic by disguising his telephone number to that of the bank’s fraud team.
“Businesses too are victims of crime”

Cyber crime is certainly a rapidly evolving pattern of crime, and continues to be on the rise as new technology develops. Suffolk Police and Crime Commissioner Tim Passmore expressed how the damage done to this company is potentially huge, and it stands as “a salient reminder that businesses too are victims of crime”. Mr Passmore stressed the importance of committing resources into tackling the growing problem of cybercrime.

Financial Fraud Action reported in June that similar telephone banking scams in the UK had netted £23.6m for fraudsters last year. This staggering amount of money highlights the sheer level of the threat faced by both individuals and businesses from cyber criminals.
What lessons should be taken from this?

Cybersecurity has become a serious challenge with various internet criminal acts on the rise. It is paramount that businesses remain diligent and beware of potential financial scams. There are a number of steps which can be taken and safeguards put in place by businesses in order to increase their level of protection against cyber crime, minimise losses, and reduce the risk of falling victim.

Simply ensuring that your business has robust policies and procedures, effective protection mechanisms, and putting in place a diligent crisis management team consisting of personnel with the relevant skills to deal with an attack and key emergency contacts is important to securing the integrity of a company’s IT system.

SM&B have developed a security package for businesses concerned with the risk of cybercrime. We offer the following services which we can implement working alongside you to meet your specific business needs:

Stage 1: A full audit of your compliance policies, procedures, data and IT security and third party arrangements;

Stage 2: Help with developing new policies and procedures going forward;

Stage 3: Key staff training on compliance and crisis management;

Stage 4: Assisting in the development of a crisis management team;

Stage 5: Direct advice hotline and crisis management assistance;

Stage 6: Post incident investigation, enforcement, reputation management and public relations strategy.

If you wish to discuss anything in this article or any specific needs your organisation may have please do not hesitate to contact David Phillips.