The Covid-19 pandemic has rendered construction businesses even more vulnerable than they may have been prior to the outbreak of the virus. While stringent hygiene protocols may protect their employees from infection, Databuild CEO Morag Evans believes companies also need to be wary of falling prey to scammers, who use clever schemes to defraud vulnerable businesses.
“Scammers will not hesitate to exploit the many businesses desperate to boost their cash flow in the wake of the pandemic, and communications promising funding relief are rife. What some business owners innocently believe to be a lifeline for their company could turn out to be its death knell, unless they remain vigilant.”
Building Credit Management (BCM) director Craig Johnson echoed these sentiments at a webinar hosted by Databuild.
“Fraudsters are becoming increasingly professional and the only way to avoid becoming one of their victims is to know their tactics,” he says.
According to Johnson, the three most commonly perpetrated scams include change of banking details, business identity fraud and the distribution of malicious email attachments.
“Fictitious cash sales and EFT refunds, as well as fabricated export and import enquiries are also prevalent,” he adds.
Notification of a change in banking details usually occurs in the form of an emailed letter or invoice supposedly sent from one of the company’s suppliers. The document appears to contain all the required credentials, even sometimes including an authentic-looking bank stamp.
“Companies should not make any changes to their payment system without receiving written verification of the legitimacy of the changes from the relevant financial director,” Johnson advises. “Do not rely on a telephone call for verification as the contact numbers provided on the documents usually direct straight to the fraudsters. If you are unsure, rather do nothing. This is the safest way to keep your money in the bank.”
Identity fraud occurs when the perpetrator poses as a well-established business (typically one that may be listed on the Johannesburg Stock Exchange) seeking to purchase an order of goods.
“Question all high-value once-off orders and be particularly aware of any unusual circumstances such as the absence of a vendor agreement, a request to collect the goods rather than have them delivered, and the insistence that the order be processed as a matter of urgency,” warns Johnson. “Any enquiry that is not initiated by a company representative, or an order that does not fall within your line of business should also be viewed with suspicion.”
“Don’t be afraid to question the authenticity of any enquiry. Once you’ve handed over your money it’s virtually impossible to get it back. Escalate anything that seems unusual and if possible, visit the premises to ensure the company is legitimate.”
Malicious email attachments pose an increasingly dangerous threat to a company’s security, Johnson continues. “Do not open any email attachments that appear suspicious, as doing so could trigger a virus that infiltrates your network and holds it hostage. If a hefty ransom is demanded, don’t pay it as this may lead to further ultimatums.”
All companies are targeted by scammers at some time, and the risk to the business should never be under-estimated, says Johnson. “Some scams are easy to identify, while others are so cunningly executed you may not know you have been scammed until it’s too late.
“Consequently, besides implementing appropriate network security measures, it’s also important to educate staff on what to look out for and implement a reporting procedure should any suspicious activity be detected,” he concludes.