The Charity Commission has issued an alert to charities warning that there are fraudsters targeting the sector.
The charity regulator said it has received several reports from charities which have been targeted by fraudsters who are impersonating members of staff and are attempting to change employees’ bank details. In all these cases the requests have been made via email.
The Commission is advising all charities to look out for some specific signs of fraud. This includes requests to HR departments, finance departments or staff with authority to update employees bank details, usually from a spoofed or similar email address to that of the subject being impersonated.
Alan Bryce, head of development, counter-fraud and cybercrime at the Commission, said: “We want charities to thrive, so ensuring charitable funds are protected from harm and can be spent of the charity’s activities and beneficiaries is vital.
“We know several charities have been targeted by this fraud and we want to ensure others are equipped to protect themselves. So our message to charities is clear – read and understand our guidance on fraud – and check who’s sending an email whenever you receive a message about changes to staff bank details.”
In terms of protection and prevention advice, the Commission suggests charities review internal procedures regarding how employee details are amended and approved, especially those in relation to verifying validity. Additionally, if an email is unexpected or unusual, then links and attachments should not be clicked.
The regulator states that charities affected by fraud should also report it as a serious incident.