It has recently been brought to our attention that fraudsters have been using Trojan viruses/malware to obtain remote access to personal computers and to record the login and password information used to access accounting/payroll systems and other applications.
In an accounting/payroll system, they then edit existing beneficiary details, changing them to their own bank details, to obtain funds illegally. One of the ways this is done is as follows:
- The fraudster waits for the PC user to do a supplier/salary payment run in their accounting/payroll system to pay legitimate invoices or salaries/wages.
- The fraudster then substitutes the supplier/employee bank account number and sort code that’s been set up for legitimate payments with their own bank details.
- The payment file is created in the accounts package, now using the changed account details for the beneficiaries.
- The user imports the file into their banking software, usually only checking the file total rather than checking the beneficiary account information.
- The user’s banking software then makes the payments using the changed account details, and the money is transferred to the fraudster’s bank account.
Please note: Electronic payments in the UK are made based on sort code and account number only. Any account name given is not routinely checked as part of the automated payment process. This is the same for all UK banks, and it is the responsibility of the remitter to ensure that the account details being used are correct by conducting independent verification.
If you are concerned in any way or would like to discuss the security controls you have in place, please call us on 01707 607100 or email us at contactus@minervauk.com.
About Author:
Minerva IT: Pioneering the Future of Technology
Founded in 1983 by John Chadwick, Minerva IT has grown from a small tech startup into a leading provider of innovative IT solutions, serving a diverse range of clients across multiple industries. Our mission is to empower businesses with cutting-edge technology, enabling them to achieve their strategic objectives and thrive in the digital age.
At Minerva IT, we specialise in a comprehensive suite of services, including cloud solutions, cybersecurity, data management, and IT consulting. Our expertise in cloud online backup means that we are able to make our clients’ data as secure, accessible and protected against threats and data loss as possible. We understand that in today's fast-paced business environment, reliable and efficient IT infrastructure is crucial for success.
Our team of highly skilled professionals is dedicated to delivering tailored solutions that meet the unique needs of each client. We pride ourselves on our customer-centric approach, working closely with our clients to understand their challenges and provide personalised support. This commitment to excellence has earned us a reputation for reliability, innovation, and exceptional service.
Innovation is at the heart of everything we do at Minerva IT. We continuously invest in the latest technologies and training to ensure our team is equipped to handle the ever-evolving IT landscape. Our proactive approach to problem-solving and our ability to anticipate future trends allow us to stay ahead of the curve and deliver solutions that drive long-term success.
Over the years, Minerva IT has forged strong partnerships with industry leaders and technology providers, enhancing our ability to offer the best solutions and support to our clients. Our dedication to quality and integrity has made us a trusted partner for businesses looking to harness the power of technology to achieve their goals.
Minerva IT – empowering your business with innovative IT solutions for a brighter future.