CEO Fraud

Please read the below information about how to avoid falling victim to this type of crime, and circulate to those involved in the handling of school finances.

These frauds will typically start with an email being sent from a fraudster to a member of staff in a company or school’s finance department. The e-mail will purport to be from either a company director or CEO or in these cases from the Head Teacher. The e-mail will highlight a need to transfer money to a certain bank account at short notice and will invariably cite some reason why this is urgent.

These frauds exploit the working practices of companies and schools and frequently the member of staff will do as instructed, only later discovering that they have sent money to a fraudster’s bank account.

Simple measures can prevent falling victim to these crimes and where, prior to payment, staff have checked with the Headteacher in person, these fraud attempts have been thwarted.

Top tips

• review internal procedures regarding how transactions are requested and approved; especially those in relation to verifying validity.
• email addresses can be spoofed to appear as though an email is from someone you know. Check email addresses and telephone numbers when transactions are requested. If in doubt request clarification from an alternatively sourced email address or phone number.
• if an email is unexpected or unusual, then don’t click on the links or open the attachments.
• don’t be afraid to question details when being tasked to transfer money at short notice.
• sensitive information you post publicly, or dispose of incorrectly, can be used by fraudsters to perpetrate fraud against you. The more information they have about you, the more convincingly they can purport to be one of your legitimate suppliers or employees. Always shred confidential documents before throwing them away.

If you would like additional information around current threats, please visit NCSC, cyberaware or getsafeonline.