Fake Identity Fraud: Know the Signs

 
Identity fraud can be described as the use of a fake identity to obtain goods or services by deception. Fraudsters can use your personal or business’ details to take payments, open bank accounts, obtain credit cards or loans and hold you or your business to ransom.
3 common fraudulent identities to be aware of:
 

THE IT MANAGER

• Unusual sense of urgency or requirement for confidentiality
• Request to download external software (e.g. remote access software)
• Request for username / password details

The “IT specialist” from your IT support or security company informs you of a security breach or need for urgent access to company systems or data.
The specialist requires access to your system and requests login information (passwords or email address).
The data or access acquired is used to hold the business to ransom or to access sensitive data.

 
 

THE CEO

• Direct contact by a senior official you are not normally not in contact with
• A request contradicting standard procedures
• Request for confidentiality, unusual threats or flattery

A “senior executive” from within your business requires an urgent transfer of funds often for a sensitive or confidential reason.
You are requested (or pressured) not to follow regular authorisation procedures and you transfer funds to an account controlled but the fraudster.
The money is usually instantly moved to impeded retrieval.

 
 

THE SUPPLIER

• Sudden or short notice changes in payment details or deadlines (normally announced a few weeks/months in advance)

A “supplier” alerts you to a sudden change in contact or payment details, and requests the next payment to be made to a new account.
You transfer payment according to the new payment requirements.
This error is often not noticed until the genuine supplier chases a late payment.

 
 

How to Keep Safe

1. Strictly apply corporate security procedures. Don’t skip any steps without authorisation.
2. Carefully check email addresses before responding. Look out for misspellings or changes.
3. Never give out sensitive information (passwords or bank details) over the phone.
4. If a supplier informs you of changes, ask for confirmation through an established channel.
5. If in doubt, don’t act!

 
Back to ‘Cyber Security Resources‘ page