Home Business News HSBC UK warns business about fraud during half term

HSBC UK warns business about fraud during half term

by LLB Finance Reporter
16th Feb 22 9:48 am

HSBC UK is warning businesses to be alert for scams targeting their companies during the February half term break.

During school holidays and other times, when firms might be working outside of their normal processes, such as senior leaders being out of the office, there is an increase in fraudsters trying to take advantage of opportunities to steal money via business email compromise.

Criminals often attempt to impersonate a chief executive, senior manager, or supplier to try and convince staff to make an urgent payment or to change the existing bank account details held on file.

Top tips to protect against Business Email Compromise:

  1. Be cautious over any new bank details or payment requests, even from seemingly trusted sources or existing suppliers and contacts. Scrutinise any payment requests received by email. Is it from the correct email address, is the language / tone in the usual manner, is the request creating urgency?
  2. Have procedures in place for validating change of account details, for example:
    • Call the supplier on a known contact number (from your own records or from the company website – not the email received) to verify this change.
    • Include an additional level of approval for any first payments or payments to amended details – having an extra pair of eyes check the details could prevent a loss.
    • Don’t rely on the email being part of an existing email trail, fraudsters may have intercepted a genuine trail.
  1. Never seek to verify bank account details via email or using the number on the email requesting the payment change, as this could have been edited by the fraudster – use a known number or go via the company’s switchboard.
  2. If unsure on a payment or a request, even if received from within your own company speak to a colleague or the sender on the phone, from a known number.
  3. Use of Confirmation of Payee for UK payments, ensuring the beneficiary names entered into payments match that of the account with receiving bank.

Be alert

A recent example from an HSBC UK customer, saw them customer lose £50,000 to a payment diversion scam.

The customer received an email from a regular supplier chasing a payment. The ​email advised of a change of bank account details and was from the supplier’s usual email address. The tone and text of the email appeared to be normal, so no concerns were raised. ​

The customer did not attempt to verify the change in details and did not have a procedure for checking change of payee details. The payment was made and later it was confirmed that the suppliers genuine email address had been breached. ​

This could have been prevented through having and following procedures for change of payment details from suppliers and carrying out additional due diligence on any new bank details, whether that be for existing suppliers or new suppliers.

Peter McIntyre, Head of Small Business Banking at HSBC UK, said, “We know there has been a rise in APP scams year on year, with UK Finance highlighting a 24% increase by value across the industry in the first half on 2021. It is our absolute priority to protect our customers from unscrupulous criminals, who target businesses for their own financial gain. We constantly update and evolve our processes to stop these criminals and prevent customers falling victim to scams.

“Businesses need to be alert especially when operating outside of their normal operating procedures, school holidays provide the perfect opportunity for a well-publicised time when businesses may have key senior managers out of the office. I urge businesses to take a look at our tops tips and also download our Fraud app, which is available to all businesses and provides regular updates on how to protect your business and alerts for emerging risks.”

Leave a Commment

You may also like


Sign up to our daily news alerts

[ms-form id=1]