Fraud is on the rise – don’t be a victim

With email redirection scams on the rise, protecting yourself is a matter of some common sense and a few simple steps.

2 min read

Most Popular

New tax year, new tax changes | Insights | Coutts

27 Feb 2023

As the new tax year approaches, you might want to know about possible changes to what you’ll pay in tax.
3 min
Monthly Financial Market Update | Coutts Private Bank

02 Sep 2022

As UK CPI forecasts turn even more pessimistic, the economy comes under increasing pressure.
1 min

At Coutts, we’re seeing a dramatic rise in what’s known as ‘email redirection’ scams. In these cases, fraudsters use hacked email accounts to intercept expected payment requests and change the bank details to their own account. So instead of the intended person getting the payment, it goes to a fraudster.

Email redirection scams are a type of ‘authorised push payment’ (APP) scam. Fraudsters use a variety of methods to get people to make payments into their accounts by convincing them they’re paying legitimate traders. Overall, APP scams cost victims £354.3 million in 2018.

First line of defence – your email account

The weak point in email redirection fraud is your email account. Making sure it’s secure is a vital first preventative step. Many of us rely on email as an everyday communication method but many emails are not secure and can be intercepted or hacked by fraudsters quite easily.

Fraudsters are usually highly organised and connected, using technology to await any such payment and move the funds on to multiple destinations within minutes. This makes the original payment difficult if not impossible to retrieve.

One of the main ways that email accounts can be accessed is simply by guessing passwords, and hackers have sophisticated ways of doing this. To help prevent it you should change your passwords regularly on all your vital accounts, including email.

“The weak point in email redirection fraud is your email account. Making sure it’s secure is a vital first preventative step.”

In their ‘Little Book of Big Scams’, the Metropolitan Police recommends choosing three random words for a password. Using numbers and special characters can also make a password harder to crack, while still being easy for you to remember.

Ask first, pay second

In these types of fraud, by the time you realise that your genuine payee hasn’t received the funds, it can be too late to stop the money falling into the hands of organised criminals.

That’s why it’s vital to double check when you get an email notifying you of a last minute change to bank details. No matter how unlikely a fraud might appear or how convincing the email might be, you should immediately double check that it’s genuine.

Ideally this will involve a communication method other than email, a telephone call for example. If you are a Coutts client you can call our fraud prevention line on 020 7770 0011 if you need any advice on what to do if you’re suspicious. Don’t be intimidated by demands to pay quickly – this could be a sign that a fraudster is trying to get the money before the fraud comes to light.

New ways to pay our bills and do business have undoubtedly made our lives easier and business more efficient. Each innovation brings new opportunities for fraudsters and scammers, but keeping yourself safe is relatively straightforward. As long as you are cautious and vigilant, there’s no reason to fall for the scam.

Find out more about how to protect yourself against fraud.

Key Takeaways

To prevent your hard-earned funds entering the criminal economy:

whenever you receive original or replacement payee details via email, contact the beneficiary via a different trusted method (such as by phone) to read back and confirm the bank details you’ve been sent BEFORE you send any funds
don’t reply to the email itself or use any telephone numbers provided on it as these may be controlled by the fraudsters
and change your passwords regularly on all systems, including any email account