Business email compromise fraud attacks have soared 58% over the past year and affected as many as 500,000 SMEs in the UK according to Lloyds Bank.
Lloyds have also revealed that smaller UK firms are losing on average £27,000 per scam to impersonation fraud attacks. Law firms were the businesses that were targeted the most, followed by HR, IT workers and finance companies.
The report found that half of the respondents claimed that scammers tried to impersonate the CEO, as well as suppliers, highlighting the challenge organisations are facing to combat the problem.
Other reports have found that when impersonating CEOs, fraudsters often do so by asking an unsuspecting employee to purchase iTunes cards as rewards for customers and to then email the codes to the “CEO”.
The most effective way to prevent these attacks is to double check the details – emails can appear to be from “John Smith CEO” but make sure you check the email address is also correct and if possible check in person or by telephone. If a supplier asks for payment to a different account on email, please be sure to contact them by other means to verify as well.