Businesses conned out of €8m due to invoice and CEO impersonation fraud in 2022 – new FraudSMART figures
New figures from FraudSMART, the fraud awareness initiative led by Banking & Payments Federation Ireland (BPFI), show that businesses were conned out of €8m due to invoice fraud and CEO impersonation fraud during 2022. The figures come as FraudSMART has issued a warning to SMEs to be on the alert for financial scams, especially now that hybrid and work from home practices have become well established following the Covid-19 pandemic.
With small and medium sized businesses being particularly vulnerable to these types of scams, a recent survey with Small Firm’s Association (SFA) members show almost 50% of businesses reported that they had been targeted by fraudsters in the last 12 months.
Speaking on today’s figures Niamh Davenport, Head of Financial Crime, BPFI said: “Most businesses would like to think that they are protected against fraud but unfortunately SMEs continue to be a key target for scammers. Cybercriminals are always looking for new ways to steal information and money and they take advantage of busy work schedules to create an unnecessary sense of urgency in the hope that businesses won’t take the time to do the necessary checks.”
“Covid-19 forced many businesses to adopt a hybrid work model under pressurised circumstances, which has added another layer of risk. For many, the speed of change to work from home practices didn’t allow time to put in place sufficient precautions and processes, training for staff or appropriate and robust security systems suitable for remote work. As a result, over the last 24 months FraudSMART members have seen an increase in CEO impersonation fraud in particular. These scams are easier to fall victim to when working from home as the employee is unable to see if the CEO or executive is in their office or check verbally with a colleague.”
New Fraud Prevention Guide for Businesses
In light of this increased fraud risk, FraudSMART and SFA have today joined forces to launch a new fraud prevention guide for businesses outlining the common types of financial fraud affecting Irish businesses and providing advice on how to avoid them. The guide was launched at a joint FraudSMART/SFA event for SME’s aimed at providing targeted information and advice, to reflect post-Covid changes to work practices and current fraud trends.
Speaking at the event, Minister for Enterprise Trade and Employment, Simon Coveney, said: “As Minister for Enterprise, Trade and Employment I understand the significant risks Irish businesses face from all types of fraud. SMEs who have had to adapt to post-Covid working environments need to impress on staff the importance of vigilance in the face of ever-changing and increasingly sophisticated threats. The costs to businesses are substantial. The efforts to educate, train and inform are significant. It will take a collaborative effort to combat this activity. FraudSMART members together with the relevant security experts are engaging with SMEs to minimise these risks.”
Elizabeth Bowen, Public Affairs Lead, SFA said, “From phishing to invoice fraud, the number of scams designed to trick small businesses into handing over financial information has risen substantially in recent months. SFA is delighted to join with FraudSMART to launch a new fraud prevention guide for businesses outlining the common types of financial fraud affecting Irish businesses and how to protect against such scams. Amid the cost of doing business crisis, rising inflation, and increasing energy costs, it’s more important than ever to protect small businesses’ financial health.”
FraudSMART is advising businesses to be alert to scams and focus on prevention by reviewing business security measures, taking proactive steps to protect against scams and ensuring that employees are up-to-date on current best practices.
Advice for Employers:
- Secure your devices - with up-to-date antivirus software, firewalls, and encryption.
- Establish clear policies and procedures - on how to handle sensitive information and financial transactions.
- Use two factor authentication (2FA).
- Limit access to sensitive information - to only those who need it to do their jobs.
- Conduct background checks - prior to hiring new staff.
- Ensure staff are given appropriate training on cyber security - with a focus on phishing emails.
- Don’t allow staff to bring physical files from the office to home.
Advice for Employees:
- Keep your home Wi-FI network, work laptop and smartphone secure
- Avoid using public Wi-Fi networks
- Keep your work area secure - don’t have passwords taped on the wall and lock your computer when you are away from your desk.
- Stay up-to-date on company policies - including data security, remote work and fraud prevention.
- If you receive an unusual email from a senior member of your organisation - contact them using a known email or phone number. Do not reply to the email or use contact details in the mail.
Today’s event included contributions from Detective Chief Superintendent Pat Lordan, Head of the Garda National Economic Crime Bureau; Criminologist and lecturer in Forensic Psychology, John Deane-O’Keeffe; and former Minister for Justice, Nora Owen. Businesses can download a copy of the new guide here and can sign up to fraud alerts on the FraudSMART website here where they can also find a wealth of further information on fraud types and prevention advice.