A new type of fraud has hit Danish companies recently. It is a form of so-called contact fraud, where criminals pretend to be an employee of the company in question. They send an email explaining that they have been given a new bank account into which the salary should be deposited.
In reality, it is an account that the criminals have control over. When the money comes in, they pass it on and disappear, while the employee wonders where the salary goes. Kresten Munksgaard is head of the department for prevention, analysis and digital patrolling at the National Center for IT Crime. He does not have precise figures for the exact type of fraud in question.
- We do not have figures for the exact type of fraud that this is. But we have seen an increase, and we suspect that it may grow. That's why we're warning about it now, he says.
According to Kresten Munksgaard, it seems that the perpetrators have identified the easiest targets for the fraud in advance, including by contacting the companies at busy times.
- And they typically go after medium-sized companies, where you may not have the same fixed procedures as in large companies, and where you don't know each other as well as in very small companies. It's quite banal, but sometimes it's also the banal that has the most potential for a criminal, unfortunately, because our society is so trust-based, says the head of department.
He has been in contact with the Confederation of Danish Industry, the Confederation of Danish Enterprise and SMEs Denmark, among others, so that they can prepare their members as best as possible for possible fraud attempts.
Dansk Industri has good advice for members
In the Confederation of Danish Industry, Jeppe Engell, Chief Cybersecurity Consultant, also has the following advice for his members. First and foremost, it's about checking whether an employee is actually the real sender of the email.
- Email is only one of many communication channels today, and our call is that you use one of the other channels to get confirmation from the employee to whom it concerns that the inquiry is real. This can be done over the phone or by personally contacting the person in question, says Jeppe Engell.
He also calls for changing your procedures to prevent fraud as best as possible.
- This can include, among other things, transferring wages exclusively to the employees' Nemkonto. Or simply by saying that during the week when the payroll is being prepared, you cannot correct your account information because it is too busy for the payroll office to check it properly and therefore the parades are down, says Jeppe Engell.
While attempts at payroll fraud are on the rise, there is also good news. According to the police, the so-called CEO fraud, where a criminal pretends to be a boss and asks for a large amount of money to be transferred to his account, is on the rise.
/ritzau/
Text, graphics, images, sound, and other content on this website are protected under copyright law. DK Medier reserves all rights to the content, including the right to exploit the content for the purpose of text and data mining, cf. Section 11b of the Copyright Act and Article 4 of the DSM Directive.
Customers with IP agreements/major customer agreements may only share Danish Offshore Industry articles internally for the purpose of handling specific cases. Sharing in connection with specific cases refers to journaling, archiving, or similar uses.
Customers with a personal subscription/login may not share Danish Offshore Industry articles with individuals who do not themselves have a personal subscription to Danish Offshore Industry.
Any deviation from the above requires written consent from DK Medier.
