Mandate fraud

Criminals will contact businesses or customers via email, usually claiming to be from a company that the business or customer has been dealing with. They will request a payment to be made often or inform the recipient of a change of bank account details.

Criminals will often create fake e-mail addresses which are very similar to genuine business or customer addressees and send over fake invoices to make it more believable. All of this leads to payments from businesses and customers directly into bank accounts controlled by the criminals.

Verify: If you receive a request to move money into a new bank account, contact the supplier directly using their official and verifiable contact details to corroborate the payment request. If you are sending large sums, consider sending a small amount of money first as a test payment and confirm this has been received by the intended recipient before sending the full amount.

Internal processes: Establish robust internal processes for handling changes to payment details. For example, only designated employees should be able to make changes to payment arrangements

Sensitive information: Invoices, payment mandates, and other documents containing sensitive financial information should be stored securely and only be accessible to those staff that need them to perform their duties. Sensitive documents should be shredded before they are disposed of.

If you have made a payment: Inform your bank as soon as possible, they can help you prevent any further losses. Monitor your bank statements regularly for any unusual activity.

Review: Perform a review of your payment processes to ensure all payment requests to a new account are verified and corroborated and existing payments are being made to the correct payee.

Identity theft: If you have shared personal or financial information, and suspect your identity may have been stolen, you can check your credit file quickly and easily online. You should do this every few months anyway, using a reputable service provider and follow up on any unexpected or suspicious results. You can also sign up for Cifas services which can help to protect you against fraud.

You could be targeted again: Fraudsters sometimes re-establish contact with previous victims claiming that they can help them recover lost money, this is just a secondary scam. Hang up on any callers that claim they can get your money back for you.

If you have been a victim of mandate fraud, or other types of cyber crime and fraud, report it via our reporting hub or by calling 0300 123 2040.