We're creating a single website for everything to do with BIS but, while we do that, you'll find information in three places. > Find what you're looking for
Increasing numbers of frauds and illegal scams are directed at small companies and individuals. Greater use of the Internet is one reason for this increase, although it is not the only factor.
It is recognised that improved technology has aided the development of new frauds whilst existing frauds have been adapted to exploit these improved technologies.
Some common frauds include:
These examples are not restricted to technology-based issues but they do rely on remote communication to further their aims.
For up to date advice, you may wish to visit the Consumer Direct web site.
The global rise of telemarketing has produced a corresponding increase in telemarketing fraud. We are all vulnerable to illegal scams via telemarketing (and by fax, e-mail and the post) but the following pointers highlight how you can protect yourself:
Other indications of possible fraud include:
One of the best ways to reduce the number of unsolicited telephone calls received (and so reduce the risk of fraud) is to register with the Telephone Preference Service (TPS). The TPS was formed in 1995 as a voluntary (self-regulatory) body to enable consumers to opt-out of receiving unsolicited sales and marketing calls.
You can subscribe to this scheme if you are an individual - in other words, a private person, a sole trader or (except in Scotland) a partnership. For further information about the TPS or registering on the scheme, visit their web site at www.tpsonline.org.uk.
A similar scheme exists for unsolicited mail. The Mailing Preference Service (MPS) is an initiative set up some 20 years ago by the direct mail industry to enable consumers to have their names and home addresses in the UK removed from lists used by the industry. This service is free to individuals. For further information or to register for the scheme, visit the website at http://www.mpsonline.org.uk/mpsr/ .
AFFs often (but not exclusively) originate from parts of Africa. Nigeria is notorious for this type of scam, so much so that AFFs are often called '419 Schemes' after Section 4.1.9 of the Nigerian penal code. Common characteristics of an AFF scheme include:
Other variants of the AFF scheme include property ventures and offers of low-cost oil.
If you receive a message that you suspect is an AFF scheme or variant, do not respond. Even a tentative response will induce rapid, pressured communication, which will only prolong the correspondence.
Some police forces ask that such communications be forwarded to them, so it is worth seeking advice from your local police force.
As the popularity of lotteries has increased in recent years, so too has the number of lottery-based scams. A well-known example is the 'Canadian lottery scam'.
This involves people (based in Canadian call centres) telephoning potential victims and advising them that they have won money on the lottery but before they can claim the prize, they must send money to cover processing fees. More than 80% of victims are aged over 65 and many are told not to use credit cards as these 'can be traced' and prizes would be liable to local taxes.
It is not unusual for victims to be targeted more than once as 'sucker lists' are commonly shared amongst fraudster groups.
Do not respond to such a call with anything other than a request for more information and never pay fees in advance.
In a false billing scam, the fraudster sends a professional-looking invoice for products or services that were never ordered or received, hoping that it will be paid without investigation.
This type of scam is usually aimed at larger organisations with big billing/ payment systems, in the hope that smaller invoices will go through unnoticed. In some cases, false billing is pre-empted by a telephone call from the fraudster, intending to make targets think that they may have bought something from the fraudster at some point.
Variants on such scams include:
The best approach is to have sound accounting practices. Always use a purchase order numbering system and never pay an invoice if there is no corresponding purchase order.
If your business offers any form of online trading there are many ways you could be targeted by fraudsters.
One of the simplest is the use of stolen credit cards to pay for goods or services. While card issuers carry much of the risk in such transactions, you are obliged to ensure that transactions are validated in accordance with your bank's contractual instructions.
This is even more important when dealing with 'cardholder not present' transactions, especially when the delivery address of the items purchased is different from that of the cardholder.
Your bank will issue its own instructions and guidelines for processing card transactions and these should be followed at all times.
Additionally, Card Watch is the UK banking industry's body that works with police, retailers and other organisations to fight plastic card fraud. It offers advice to retailers and similar organisations who accept card payments and has devised a 'Spot & Stop Card Fraud Pack' to help prevent card fraud occurring at the sales desk or on the telephone.
Identity theft is when someone uses information about a person (or an organisation) to assume their identity. They will then try to obtain goods or services using that identity - for example, jewellery, electronic items, bank loans and credit cards.
There are many ways in which an identity can be assumed. Some fraudsters read formal death notices in local newspapers and seek to assume the identity of someone who has recently died, while others scour rubbish bins behind offices and shops, looking for credit card slips.
There are also cases where fraudsters set up web sites to elicit information as part of a seemingly legitimate transaction - a technique known as 'web spoofing'.
There are a number of things you can do to reduce personal and commercial exposure to the threat of identity theft. One of the most important steps is to ensure that your staff are aware of the risks - they are the people most likely to be contacted by potential fraudsters.
Some useful tips include:
'Phishing' is the term used for the practice of sending false e-mail messages to a wide audience (using 'spamming lists') in the hope that some people will reply to them.
Phishing e-mails are designed to look as if they come from a bank or similar organisation asking recipients to confirm their account details (including account numbers and online banking security information). They usually give a plausible reason for requesting such details - for example, to maintain an account.
An e-mail sent to Citibank customers in early January 2004 stated:
'On January 10 Citibank had to block some accounts in our system connected with money laundering, credit card fraud, terrorism and check fraud activity. The information in regards to those accounts has been passed to our correspondent banks, local, federal and international authorities.
Due to our extensive database operations some accounts may have been changed. We are asking our customers to check their checking and savings accounts if they are active or if their current balance is correct.'
Links were given to false web sites, used to record information given for fraudulent purposes. The message was sent from an address that looked genuine and even asked customers to connect to a particular (false) web site 'if you suspect fraud'.
Many 'phishing' e-mails do succeed (some suggest about 5%), with victims suffering identity theft and financial loss. One of the problems with such attacks is that the links provided in the e-mails go to false sites that look exactly the same as those they claim to be - even the address looks the same.
The following UK banks have been hit by such attacks: