Forward Thinking Business Blog –
Technology-enabled fraud is increasingly a concern for businesses. We have previously cautioned against scammers who contact companies requesting credit card details to successfully complete the delivery of a parcel. Delivery companies will never contact you to request payment details – they will either return the parcel or ask for cash on delivery if additional payments are due.
The “2019 Cyber Security Breaches Survey”, published by the UK Government’s Department for Digital, Culture, Media and Sport in April, shows that 32% of businesses identified a cyber security attack in the last 12 months. Where a breach resulted in a loss of data or assets, the average cost of a cyber attack has gone up by more than £1,000 since 2018 to £4,180. DCMS is urging businesses and charities to do more to protect themselves against cybercrime.
In the Republic of Ireland, around one in five SMEs have been affected by invoice redirection fraud according to research carried out late last year by Behaviour & Attitudes for the fraud awareness initiative, FraudSMART.
The research found that the most common types of scam encountered by SMEs are phishing emails (72%), followed by vishing, a phone-based phishing scam (26%), and invoice redirection scams (21%).
Worryingly, over a third of businesses (35%) said that they do not confirm the legitimacy of new bank details from suppliers before confirming a payment.
Media reports in May 2019, highlighted that 132 cases of invoice redirect fraud, or ‘CEO fraud’, involving losses of €4.4 million have been reported to Gardaí this year and that in April 2019 alone, more than €2.2 million was stolen.
To protect against invoice fraud, businesses need to implement robust procedures requiring staff to verify the legitimacy of payment requests. All staff should be alert to the dangers of fraud and those paying invoices should watch out in particular for irregularities such as changes to the account details of vendors.