Spear-phishing email targets accounts departments

Beware of criminals impersonating company directors to approve fake invoices

Recently there have been a spate of email frauds specifically targeting business accounts/payment processing departments.

Criminals are identifying senior company personnel such as directors and acquiring their email addresses. They then send faked internal emails (in a Spear Phishing attack) which appear to be from a director etc. , instructing an individual in the accounts department to transfer funds to a named sort code and account number.

The accounts department are then fooled into thinking that they have received a legitimate request from a director but in fact this is a criminal attempt to defraud.

Hallidays IT recommend the following actions be implemented with your accounts/payment processing departments

  • Any email requests for transfer of funds are confirmed verbally.
  • All electronic payment requests are made in writing and signed by an authorised director – rather than by email

Hallidays can provide additional support, training and solutions to compliment the above advice. If you need any more help, feel free to call our IT team on 0161 476 8276 or email it@hallidays.co.uk

Learn more about how our IT experts can protect your business.


We use cookies on this website, you can find more information about cookies here.