Alert for charities – fraudsters impersonating staff

Posted on: December 18, 2019

Content from The Charity Commission


This alert provides information and advice to charities about mandate fraud (impersonation of staff).

We have received several reports from charities who have been targeted by fraudsters impersonating members of staff, specifically attempting to change employees bank details. In all these cases the request was made through an email.

What to look out for

Requests to your HR department, finance department or staff with authority to update employees bank details, usually from a spoofed or similar email address to that of the subject being impersonated.

With a strong social engineering element, the fraudster often states that they have changed their bank details or opened a new bank account.

Protection and prevention advice

  • review internal procedures regarding how employee details are amended and approved, especially those in relation to verifying validity
  • if an email is unexpected or unusual do not click on the links or open the attachments

Email addresses can be spoofed to appear as though an email is from someone you know. Check email addresses and telephone numbers when changes are requested. If in doubt request clarification from an alternatively sourced email address or phone number.

Sensitive information you post publicly, or dispose of incorrectly, can be used by fraudsters to perpetrate fraud against you. The more information they have about your charity and employees, the more convincingly they can appear to be one of your legitimate employees. Always shred confidential documents before throwing them away.

We issued an alert in May 2019 that provides information and advice to charity trustees about cyber crime and how to report it.

Read Alert for charities – cyber crime and how to report to the Charity Commission

Reporting fraud

If your charity has fallen victim to this type of fraud, or any other type of fraud, you should report it to Action Fraud.

Charities affected by fraud should also report it to us as a serious incident.

Serious incident reporting helps us to assess the volume and impact of incidents within charities, and to understand the risks facing the sector as a whole. Where appropriate, the Charity Commission can also provide timely advice and guidance.

Author: Steering Member
Posted:
Categories: News

Leave a Reply

Related Posts

Colchester’s Strategic Partnership Announces Borough’s Winter Resilience Campaign

Colchester’s strategic partnership, One Colchester launched its 2021-22 Winter Resilience campaign to help those in need stay safe, warm, well and connected this winter. Thanks to partnership working, funding and community spirit, this project continues to provide advice and support through the One Colchester initiative delivering roadshows in the community and distributing winter packs to
Read more…

Read more...

£1m Arts and Cultural Fund opens for applications

Our new £1 million fund set up to support Essex’s art and culture sector has opened for applications today (Tuesday 4th January). The Essex County Council Arts and Cultural Fund will offer artists and cultural organisations grants from £2,500 to £30,000 to deliver projects. It will support projects across the creative sectors and is open
Read more…

Read more...

Apply for funding to set up a fridge

Co-op is working in partnership with Hubbub to offer funding to local groups for 100 Community Fridges across the UK. Successful groups will receive: £4,000 funding support to set up a fridge membership to Hubbub’s Community Fridge Network Who can apply Community groups that: have not yet set up a Community Fridge are not for profit will set up their fridge in the next 6 months will
Read more…

Read more...