Cyber Insurance and Cyber Fraud
Payment Diversion Fraud – protecting your data

Financial crime can impact all of us, both at work and in our personal lives.

One of the most common types of financial crime is Payment Diversion Fraud.

Knowing what to look out for and what action to take can help you to protect your business from these risks.

Payment Diversion Fraud

Fraud is the most recognised type of financial crime and ‘payment diversion fraud’ otherwise known as authorised push payment (APP) is a when criminals deceive a victim into transferring money to a scammer instead of the intended recipient. There are three main types:

  • Mandate fraud: A fraudster contacts you pretending to be client or supplier. They advise that the bank details have changed and request you to update your records. After which all payments for that client or supplier will be paid to the fraudster’s bank account.
  • False payment instructions:  This is where someone hacks into emails and sends false payment instructions so money is paid into a fraudsters account. This can also include hacking or masking email communications between the company (or you).
  • Fraudulent bank communications: You may receive a communication from a fraudster claiming to be a bank. The person responsible has normally obtained certain details of confidential bank account information, personal or company, and therefore appears credible. This can lead you to reveal further bank account security details enabling the fraudster to make unauthorised online payments.

A number of people have also reported receiving phone calls, texts or emails allegedly from banks or HMRC (stating tax due is to be paid), and then pressure is exerted to attempt to get the recipient to click on links or give out details, which will then leave them vulnerable to a fraud attack.

What to look out for

Fraudsters are becoming increasingly more sophisticated when trying to obtain information to enable them to carry out payment diversion fraud. There are some signs, however, that you can look out for:

  • Pressure or coercion – exerted either by email or on telephone calls to try to make you action bank account changes or payments quickly
  • Unrecognised or masked email addresses – these either don’t match the sending company or by hovering over a ‘mail to’ link will show the underlying recipient’s email address, so you can check the address an email will be sent to.
  • Falsified letters or emails – letters or emails often contain false contact details that divert to the fraudster when a company or individual calls or emails to confirm the change. Check the validity of an invoice using known contact details that don’t come from the invoice.

Although correspondence may have an official logo, this is often available on the internet and it may not still be on official letter headed paper.

  • Pretext calls – before sending fake instructions, fraudsters often make a so called ‘pretext’ telephone calls to try and get information which will then be used to increase their chance of success. They may ask for names or telephone numbers. Be watchful of such calls and do not give away names of people who work for the company to unverified callers.

Speak to us at Dennis Watkins to find out more about how we can protect you and your business against the financial and reputation impact of fraud.

Payment Diversion Fraud – protecting your data
POST Footer