This website uses cookies for anonymised analytics and for account authentication. See our privacy and cookies policies for more information.





The voice of Scotland’s vibrant voluntary sector

Published by Scottish Council for Voluntary Organisations

TFN is published by the Scottish Council for Voluntary Organisations, Mansfield Traquair Centre, 15 Mansfield Place, Edinburgh, EH3 6BB. The Scottish Council for Voluntary Organisations (SCVO) is a Scottish Charitable Incorporated Organisation. Registration number SC003558.

Online fraud warning for charities

This news post is about 5 years old
 

The Charity Commission has urged organisations to be vigilant after receiving reports of an online scam

Charities have been urged to be on the lookout for online fraudsters.

The Charity Commission has issued an alert after it received several reports from charities who have been targeted by fraudsters impersonating members of staff, specifically attempting to change employees’ bank details. In all the cases reported, the request was made through an email.

Organisations have been advised to look out for requests to their HR department, finance department or staff with authority to update employee bank details, usually from a spoofed or similar email address to that of the subject being impersonated. With a strong social engineering element, the fraudster often states that they have changed their bank details or opened a new bank account.

A spokesman for the Charity Commission said: “Email addresses can be spoofed to appear as though an email is from someone you know. Check email addresses and telephone numbers when changes are requested. If in doubt request clarification from an alternatively sourced email address or phone number.

“Sensitive information you post publicly, or dispose of incorrectly, can be used by fraudsters to perpetrate fraud against you. The more information they have about your charity and employees, the more convincingly they can appear to be one of your legitimate employees. Always shred confidential documents before throwing them away.”

Staff are being advised to review internal procedures regarding how employee details are amended and approved, especially those in relation to verifying validity, and if an email is unexpected or unusual to not click on the links or open the attachments.

For more information, visit the alert page.

 

Comments

0 0
Jerry Thomas
about 5 years ago
They are not only targeting people through email, but also phone calls. I have read many reports filed by people about fake charity scams at complaint board websites like http://whycall.me since years ago. People should be aware of how these scammers work. Keep spreading the word and be on extra guard.
Commenting is now closed on this post