Font Size A A A

School Payment Diversion Fraud

Alert message sent 05/01/2018 14:51:00

Information sent on behalf of Devon and Cornwall Police

Payment Diversion Fraud

The purpose of this alert is to provide knowledge and prevention advice to schools and parents of students in order to prevent them from falling victim to payment diversion fraud – a fraud that involves falsely creating or diverting payments.

ALERT CONTENT

Payment Diversion Fraud

Fraudsters are placing themselves in the middle of transactions between parents and private schools. The fraudster contacts the parents outlining details and payment instructions for the latest school fees. Initial contact appears to primarily be made via email and often from the school’s own compromised email system. However the NFIB has also seen instances where the email address used is similar to that of the school (i.e. nn instead of an m).

The victim then makes the required payment into the bank account which is in the control of the fraudster. By the time the fraud has been identified, the funds have already been dissipated.

In several instances there has been a strong social engineering element at play within the email, with the fraudster suggesting a discount on the fees can be obtained if the parents pay early.

PROTECTION / PREVENTION ADVICE

School

Ensure all administration staff are aware of this fraud.

Ensure staff are aware of protocols regarding not opening links or attachments from unexpected or suspicious emails in the event the email system may get compromised.

Review password protocols and ensure those that are used are strong, as long as possible and contain a combination of letters as well as numbers and symbols.

Review internal procedures regarding how the fee payments are requested and ensure these are relayed to the parents so they can easily identify suspicious requests.

Ensure computer systems are secure and that antivirus software is up to date.

To help combat “typo squatting” the school could consider registering similar domain names.

Ensure required security updates to computer systems are completed.

Consider using a payment gateway for any monies required to be received from parents.

 

Parents

Always verify email payment changes in respect of payment fees with the school directly using established contact details you have on file, especially for ones which are not expected or for a different amount than expected.

Always review requests to changes for payment requests. Check for inconsistencies or grammatical errors, such as a misspelt school name or a slightly different email address.

Don’t be afraid to verify details when being asked to make fee payments into a new bank account.

 

Message sent by
Shirley Craft (Police, Community Messaging Officer, Devon & Cornwall)

Message tag words

Back to previous page
Click here to tweet this message to your followers

Discuss this alert message

Please see terms below before using this feature
Please be aware that the facility above is a Facebook service, posting your views will make some of your Facebook information visible to everyone (as with any Facebook activity).

The system administrators (VISAV Limited) monitor the content added. Any misuse or objectionable material should be reported to support@neighbourhoodalert.co.uk.

The views expressed do not represent the views of the system administrators who are VISAV Limited, the Police, Neighbourhood Watch and other Information Provider using this service.