Cyber Security

This article is part of our collection on Cyber Security

Businesses Against Scams: helping you protect your business

Arm yourself against fraud with these resources from the National Trading Standards Scams Team.

Last updated: 18 May 2020 5 min read

Share This

Thousands of British businesses and their staff are facing significant levels of disruption due to the coronavirus pandemic and resulting lockdown restrictions.

According to Adam Carter, senior project officer on the National Trading Standards Scams Team, the sudden shift to remote working among a large proportion of the employed population has significantly increased the fraud risks for individuals and the companies they work for.

He explains: “What we’ve seen is thousands of people forced out of the office and now facing the pressures of childcare, as well as problems like inadequate home IT networks – not to mention general anxiety about the pandemic itself.

“This has created a situation where people’s decision-making might be impaired, and where they are therefore more vulnerable to attempted fraud.”

This heightened risk is the reason National Trading Standards has launched a new Businesses Against Scams campaign, which aims to educate company owners and their staff about the dangers they face.

The campaign’s website has a number of resources for businesses to use to inform and train staff about red flags to watch out for as well as the steps they should take if they receive an unusual or unsolicited approach from a potential fraudster.

“We are asking company owners or HR departments to spread this information throughout the business, and ask colleagues to complete the training module on the Businesses Against Scams website,” Carter says.

He points out that this training should be completed by everyone, from temps who have recently joined the businesses to those who have been with the company for many years. “Scams evolve over time, and there is a danger of complacency if more experienced staff think they already know what to look out for,” he adds.

Carter says the type of fraud businesses are likely to face at present will tend to fall into one of four broad categories:

1. Government grant/tax refund scams

The wide range of government-backed support schemes that have been set up to help individuals and businesses survive the pandemic and resulting lockdown give fraudsters an excellent opportunity to profit, Carter explains.

In some reported cases, criminals have sent out fake emails or text messages purporting to come from a government department or HMRC, claiming to offer anything from grant money and cheap loans to tax refunds. But fraudsters are typically trying to obtain their victims’ bank details in order to steal from their accounts, or persuade them to download malicious software.

“Scams evolve over time, and there is a danger of complacency if more experienced staff think they already know what to look out for”Adam Carter, senior project officer, National Trading Standards

2. CEO scams

With workforces operating remotely, this type of fraud involves criminals impersonating senior management – often using a fake but genuine-looking email address – and asking junior staff to transfer money to an external bank account, for example.

Fraudsters rely on the fact that subordinates may often be wary of challenging instructions, however unusual, that seem to come from their superiors.

3. Invoice/mandate scams

This type of scam involves criminals passing themselves off as suppliers or other connected businesses and persuading workers to change the bank details of legitimate suppliers so that payments are diverted into the fraudsters’ accounts. Alternatively, criminals may simply submit a fake invoice from a genuine-looking email address.

4. Tech support scams

These are usually phone calls that claim to be from a major IT or internet company, offering to help deal with a problem that has supposedly been detected on someone’s broadband connection or home computer. The aim is to gain the victim’s trust to the extent that they hand over remote access to their computer to the criminals.

Carter says that, with so many people working from home for the first time and using domestic wifi technology, this scam probably has a greater than normal chance of success. But he points out that the likes of Microsoft – one of the companies fraudsters most commonly claim to be calling from – simply does not offer this IT service.

How your business should respond to the threat of coronavirus scams

Carter says businesses and their staff should take the following steps to reduce their chances of falling victim to fraud:

  • Take your time if you are being asked to do something that involves moving money or divulging sensitive data, for example. Fraudsters like to convince victims that requests are urgent, as time pressure is more likely to lead to poor decisions.
  • Understand that emails and text messages can be faked so they are practically indistinguishable from genuine communications from managers, banks or government bodies. Take the view that if something seems too good to be true, or very much out of the ordinary, it probably is.
  • If in doubt, pick up the phone and speak to a manager or team member. No genuine request is likely to be jeopardised by you taking a few minutes to check.
  • Don’t be afraid to challenge a request, even if it appears to come from a member of senior management – and business owners should encourage this kind of safety-first approach among their staff.
  • Report all suspicious activity to Action Fraud , the organisation set up by the police to coordinate responses to online crime. According to Action Fraud estimates, Carter says, less than 10% of fraud attempts in the UK are reported officially.
Share This

Cyber Security