Intelligent CISO Issue 06 | Page 37

A Are there any new trends businesses/organisations should be aware of when it comes to fraud? According to Action Fraud, the UK’s central reporting centre for fraud and cybercrime, one of the most common frauds businesses experience is payment diversion fraud. This normally happens when a business or their supplier’s emails are compromised and can affect many types of businesses and organisations, including conveyancing and solicitors’ firms, particularly during the completion stage on properties. Other ways in which this can happen is through spoofed emails which claim to be from a CEO. These are often addressed to the financial officer and ask for an urgent transfer. To prevent this, businesses should ensure they have a means to query any change requests or spontaneous payments. Action Fraud advises solicitors that any payment instructions should come by letter rather than email and that secure platforms are used to exchange correspondence. Another type of fraud frequently reported to Action Fraud by businesses is phishing. Fraudsters will pose as well-known companies in order to trick businesses into parting with information and money. To prevent this from happening, employees should check the source of their emails before passing on data which may lead to fraud. Businesses need to be aware that phishing emails, calls and texts can also affect their customers, so that they c