The continuing COVID-19 crisis is of course continuing to bring about all sorts of business challenges. You normally expect to see us sending out HR/People related information/comment but in the spirit of adding value in a more general sense and because our colleague, Andy Favell (https://enlightenhr.com/our-consultants/andy-favell-associate/), has highlighted this risk to us, we thought we’d share these thoughts with you. So, with thanks to Andy for the drafting, we hope you will find this informative:
A newly emerging challenge that is worth taking a moment to recognise is that there are organised criminals actively seeking to exploit the current crisis for their own gains at expense, loss and heartache of others.
Over the last few days many organisations such as Google and the Charities Commission have highlighted how business to business fraud is becoming an increasing threat to be aware of.
As many businesses are having to adjust how they operate, including going outside of the usual procedures and working from home, it is recommended that all staff who are involved in procurement and/or the movement of funds and resources to keep alert to how sophisticated scams are operating. Attempts to defraud businesses at the moment seem to be centred around:
- Email phishing (the sending of emails, asking for details)
- Email impersonations (emails that appear to be from a trusted source, including perhaps internal colleagues or partner organisations, requiring you to do something)
- Phone phreaking (calls purporting to be from e.g. banks, suppliers, regulators or enforcement organisations asking details or requiring you to take a specific course of action)
- The provision of unsolicited goods or services
Often criminals will try and use your emotions to elicit unusual behaviour to intentionally bypass usual procedures and any self-checking. This is particularly the case during these busy times or when colleagues are needing to deal with different or unfamiliar work streams. Be especially wary of communications that seem to be:
- Urgent
- Appears to have some kind of legitimate justification
- Creates a feeling that if you don’t do something you will either be missing out and/or at risk of something else occurring
- Is requiring something slightly unusual or is from someone unknown or unusual
There are some really helpful and free general resources available for businesses and organisations to use, including the UK government backed Take-Five-ToStopFraud site and the National Cyber Security Centre. We especially like the Take Five Over Tea general tool kit.
In general terms, it is recommended that you check communications carefully – if something doesn’t feel right, it probably isn’t and needs confirming, using a trusted and validated contact (never be tempted to use the information that is provided in emails or on calls, as this is also likely to be false to aid the fraudsters).
If you think you have been a victim or need more information about the fraud or attempted fraud visit https://www.actionfraud.police.uk/ (run by City of London Police).