One in twelve respondents have fallen victim to impersonation fraud as nearly half a million SMEs (small and medium-sized enterprises) in the UK may have been impacted by these scams, according to data released by Lloyds Bank.
The research has also found that there has been a 58% rise in this type of crime in the year-to-date. Law firms have been among the sectors most affected with 19%, followed by HR professionals, IT workers and finance companies.
However, as the figures are drawn from reported fraud, the true scale of the problem is likely to be much larger.
To raise awareness and educate workers on how to stop scammers, the bank has teamed up with Get Safe Online, creating a video where a team of CEO lookalikes pretend to be the real deal to scam unsuspecting staff out of money.
These fraudsters attempt both CEO fraud and invoice fraud. In doing so, they demonstrate some of the most common techniques used in impersonation fraud, including changing bank account details, phishing, fake emails pretending to be your boss or other senior colleagues and social engineering.
This comes as only 20% of victims said they now think twice when receiving a request at work – and the research reveals that a lack of precautions around online safety could be assisting impersonation fraudsters.
Over a third of employees do not know what to look out for or do not have any security precautions in place – leaving them vulnerable.
Gareth Oakley, managing director of business banking at Lloyds Bank, said the rise of impersonation fraud is a very concerning issue for small and medium-sized businesses.
He added: “We know that falling victim to these types of scams can be serious as the impact extends beyond just the financial implications.
“This is why we’ve teamed up with Get Safe Online – to help educate business owners and employees on how to recognise these scams and take the right precautions to protect themselves.”
Impact on employee wellbeing
The fallout from fraud is not just financial. Respondents revealed that the attacks caused emotional upset too. About 15% felt angry, whilst 8% said they could not trust people close to them.
The research also found that one in twenty victims of impersonation fraud were so ashamed that they hid their mistake from their team, potentially with the fear of being fired on their mind.
Victims of impersonation fraud often face financial consequences, with 7% of companies affected said they had experienced financial hardship, with over 6% having to make employees redundant due to the financial impact of the scams.
Over half of respondents say they have experienced scammers posing as their boss, demonstrating a rise in popularity of CEO impersonation fraud. About 52% said they were victims of fraudsters posing as suppliers, with invoice fraud.
Business email compromise, where scammers intercept a legitimate email trail and change the beneficiary bank account details, is an increasingly common method of impersonation fraud, according to Lloyds Bank. This is especially dangerous as fraudsters can change information in a genuine email thread, therefore there are no other warning signs. As email is not a secure method of communication, so any change of details or financial information should always be double checked with a trusted contact.
On how businesses and employees can avoid falling victim to impersonation fraud, Tony Neate, CEO of Get Safe Online, said: “The most effective way to ward against these fraudsters is to double check the details. Verify any requests for amended payments to an organisation directly using established contact details.
“If you’ve received a suspicious email, always check with the person you believe sent it by asking in person, phoning them or using a different trusted communication method.”
