What is it?
Banking fraud can occur via three channels: online, telephone and mobile. To commit this fraud criminals gain access to your business’s bank account and make unauthorised transfers of money.
Businesses should be aware of the dangers of this type of fraud, where criminals target victims directly and use social engineering tactics to trick them out of their personal and financial information in order to access their accounts. Criminals have exploited modern forms of banking, as levels of usage have increased so has fraud.
Three types of banking fraud to watch out for:
- Mobile banking fraud takes place when you are contacted by a criminal who persuades you to provide access to or make payments from your mobile banking applications.
- Online banking fraud takes place when criminals persuade you to provide access to or make payments from your bank account online.
- Telephone banking takes place when businesses are contacted over the phone and persuaded to make a payment or provide access to accounts during the call. Criminals use social engineering tactics to convince people that they represent a legitimate organisation.
Figures from 2019 show that 81 per cent of the adult population used at least one form of remote banking and there was a significant rise in internet and mobile banking fraud recent years.
HOW TO SPOT BANKING FRAUD
- Your business’s account details have somehow been changed and you may not be able to access your account
- New payees, direct debits and standing orders have been set up on your business’s bank account that you didn’t authorise
- There are transactions on your business’s bank statement you don’t recognise
EXAMPLE OF BANKING FRAUD
Monty* was feeling stressed and under pressure. Several of his colleagues had called in sick and he was really busy when he received a text from what he thought was the bank, informing him of suspicious activity on the business’s bank account.
Despite being rushed off his feet Monty knew he had to sort this issue out quickly, so he called the fraud prevention number provided in the text. He spoke to someone claiming to be from the fraud department, and they confirmed the business’s address and recent transactions. He was asked to provide the business’s bank details in order for the account issues to be resolved. Shortly after, Monty received a One-Time Passcode which he shared with the bank employee. Finally he was informed that the problem with the business’s account had been resolved.
Several days later when he checked the business’s bank account, Monty noticed countless transactions that he hadn’t authorised. He contacted the bank immediately, this time using the number on a bank statement.
Jade* had a busy role in the finance team of her organisation. Having recently submitted tax returns for the organisation, tax was on her mind when she received an email from HMRC. The email said the organisation was due a tax rebate and included a link to a website plus a number to call. Aware of the risks of clicking on links in emails, Jade opted to call the number.
Her suspicions eased when she spoke to the caller claiming to represent HMRC, who verified the organisation’s information. Keen to recoup the money, Jade provided the company account details to the caller. She was informed it would take a week for the refund to be processed.
It wasn’t until the next week when she checked the business’s bank account that she saw all the unknown transactions and she realised she’s been scammed.
*Case studies are based on insights from partners
If you believe your business has fallen for a scam, contact the bank immediately on a number you know to be correct, such as the one listed on the back of your business’s bank card.
Report it to Action Fraud on 0300 123 2040 or via actionfraud.police.uk. If you are in Scotland, please report to Police Scotland directly by calling 101 or Advice Direct Scotland on 0808 164 6000.