Financial Fraud Action UK has warned that computer malware hidden in fake invoices is being used to steal businesses’ online banking credentials. The invoice appears to be from a regular supplier and looks like a word processing or spreadsheet document. In order to view the file, the user enables a macro on their computer system, believing they are simply opening the invoice.
This malicious software logs online banking details and other financial information, which it relays back to the criminal. Businesses have become increasingly aware of the threats posed by unsolicited phishing emails, but in this new method, the email address used is that of a legitimate supplier or in some cases even someone working at the same company.
Accounts departments are being warned to:
- Be on the lookout for unexpected invoices or unusual payment requests, especially those arriving in different file formats to normal.
- Avoid enabling any macros on an untrusted document. (Macros in themselves are not dangerous and do serve a legitimate purpose – but they can be used to hide malware.)
- If you’re suspicious – don’t reply to the email but instead call your supplier on the number that you have on file to check the authenticity of the invoice.
- Ensure you have the latest anti-virus and security updates installed on your computer and consider using high-level macro security settings in software applications.
- Ensure strong firewalls are in place to help detect malware and prevent data leaving the network without permission. This can be achieved through investing in IT and seeking professional advice.
- Consider using a separate computer dedicated to making online payments to minimise security risks.
About FFA UK
Financial Fraud Action UK (FFA UK) is responsible for leading the collective fight against fraud in the UK payments industry. Its membership includes banks, credit, debit and charge card issuers, and card payment acquirers in the UK. It provides a forum for members to work together on non-competitive issues relating to financial fraud. Its primary function is to facilitate collaborative activity between industry participants and with other partners.