Beware: Email scammers are targeting brokers

Did you know in the recent Cyber Security Breaches Survey, 32% of UK businesses reported having a cyber security breach or attack in the last 12 months? 80% of these businesses cited Phishing as the method of attack*. 

What is Phishing? A criminal will cast his ‘line’ out, using bait to attract a victim e.g. spoof email or website, before reeling them in with the intention of getting them to reveal confidential information like log-in information, bank details, security questions etc. 

Recently, one of our sales managers received an email from a “broker” requesting we change the bank account details used to pay them.

The message read: 

I just received an urgent information due to ongoing audit on our previous account details given to you, we won't be able to receive the payment on the account. Kindly hold on with the payment and I will advise our new account details shortly”

Although the email address details were correct, the sales manager was suspicions due to the unusual request and poor grammar. So he emailed the broker and asked for a password that had been used previously. 

The correct password was then provided along with new bank account details. But even though the reply had the correct password, the sales manager was unconvinced due to the style of the email. He contacted the broker by phone, who confirmed they hadnt asked for a change of bank details. 

The vigilance of the sales manager thwarted this attack, which would have resulted in payments not being sent to the broker. The attack, which appears to have been caused by scammers who'd hacked into the broker’s email shows how we should all be vigilant for scams.

How can you protect yourself?

Cyber criminals are becoming smarter and constantly looking for new ways to target businesses big and small. What can you do to protect yourself from becoming a victim of these malicious acts?

  • Keep your computer systems safe and secure. Keeping them up to date with the recent patches, use malware protection (anti-virus) and protect internet access. 
  • Change your passwords if you suspect a scammer may have access to them.

Be wary of email - scammers are sophisticated:

  • Minor things can be big indicators of scam attempts - unfamiliar use of language, unusual greetings, urgent demands, unexpected requests for login information, payment details and offers that are ‘too good to be true.’
  • Verify email addresses are exactly the same as those on file (e.g. is there an additional letter, number or space or a different spelling of the same name?)
  • Check spelling, grammar, flow and format of the email content.
  • If in doubt, call the sender to validate the message.

If you suspect someone has hacked your computers and Aviva or customer data is at risk, please contact your Aviva representative. 

Find out more

We have a series of 'Cyber Risk' modules available on our Aviva Learing and Development Zone, to help you brush up on your knowledge. Simply search 'cyber' on the Development Zone site.

For more information about registering for Aviva's Development Zone, email devzone@rwagroup.co.uk.

*Data from Department for Digital, Culture, Media & Sport’s Cyber Security Breaches Survey 2019 report.  

Further information on computer security can be found at the UK Government’s 10 steps to cyber security here.

Post a comment

Please Log in to post a comment.

Log in to save this page to your favourites.