*Advisers have received instructions that appear to have been sent from genuine customer email addresses, but in reality have come from fraudsters who have hacked customer email accounts.
The emails will ask for a payment to be made to a new bank account. The new bank details will not always be included at the same time as the payment request but might be in the middle of another email, perhaps in response to an email acknowledging the payment request.
When you receive an email instruction take steps to verify that the instruction is genuine:
- Call the customer direct, to confirm the payment instruction is genuine, that the new bank account genuinely belongs to the customer, and to obtain evidence of it. Do not rely on an email alone from the customer. Fraudsters may look to prevent a call by claiming that, for example, the customer is out of the country. In such instances, you should still contact the customer before acting on an email instruction.
- Make the call to the customer using a telephone number that you have used previously to contact them.Do not use a number shown on the email.
- Obtain an original bank statement, paying in slip or void cheque as evidence of a new bank account and NOT a pdf/photocopy.
Ensure that you have the necessary authority from all parties before acting on an instruction on joint portfolios.
The language used in emails can sometimes help to identify a fraudulent instruction so you should consider the language and style used:
- Is it consistent with that normally used by the customer?
- Would the customer normally ask for the funds to be “wired”?
- Would you expect the customer to use the £ sign or GBP?
- Is it normal for the customer to sign off by using a Christian, Middle and Surname?
However, in other instances the fraudsters do not change any of the words in the customer’s original email, sometimes only changing the bank account details; this is why it is important to call the customer direct to verify the request.