North West Regional Organised Crime Unit
 

Fraud alert advice issued to funeral directors across the North West

Mon 19th, Mar

TITAN, the North West Regional Organised Crime Unit, are urging funeral directors across the region to be alert after attempted scams to defraud clients from thousands of pounds.

In one incident a client received an e-mail purporting to be from a funeral directors asking them to pay £5,400 for a funeral into a false account. Thankfully the individual contacted the company to check the e-mail and no money was lost. Mandate Fraud is committed by criminals who hack into e-mail chains between a client and a company. The criminal send a spoof e-mail informing the client that funds should now be paid into a different account and provide details of an account under their control. Cyber Protect Officer Helen Williams said: “It’s really important to check tiny details before making any payment. Just one digit difference in a bank account number can easily be overlooked but could result in you losing a large amount of money at what is already a difficult time. Slow down and take a few minutes to check everything is right before parting with money to make sure it’s going to the right place.” In order to prevent similar offences, TITAN Regional Cyber Crime Unit are keen to ensure that the following Cyber Protect advice is distributed as widely as possible: Protection advice • Ensure clients are familiar with exact details for making payment • Encourage clients to check all bank account details for inconsistencies before making a financial transaction • Ensure all staff, not just finance teams are aware of this fraud. • Always verify email payment changes to financial agreements with the organisation directly using established contact details you have on file. If called ask the caller to give you a main switchboard number for you to be routed back to them. Alternatively, hang up and call them back using established contact details you have on file. • Have a system in place which allows staff to properly verify contact from their CEO or senior members of staff; for example having two points of contact so that the staff can check that the instruction which they have received from their CEO is legitimate. • Always review requests to change ‘one off’ payment requests. Check for inconsistencies or grammatical errors, such as a misspelt company name or a slightly different email address. • Ensure computer systems are secure and that antivirus software is up to date. • Review password protocols and ensure those that are used are strong, as long as possible and contain a combination of letters as well as numbers and symbols. • Do not use the same password for more than one application. If one application is compromised others become immediately vulnerable. For further advice on cyber security follow @cyberprotectUK Visit www.actionfraud.police.uk