The Charity Commission has issued a warning to charities to be aware of CEO fraud through the use of Christmas gift cards.
It involves the fraudulent impersonation of a senior figure within a charity, often the CEO, with subsequent requests for the fraudulent transfers of funds by the charity to the fraudster’s bank account.
Fraud and cybercrime reporting firm, Action Fraud, said there is a new variation whereby charities are targeted by fraudsters falsely claiming to be the CEO (or a similar senior position within the charity) requesting that gift card vouchers be purchased for staff as a form of Christmas gift.
According to the group once the vouchers have been purchased, the fraudster requests copies of the cards and their codes, allowing the fraudster to spend up to the value of the card. Contact is typically made by email, usually from a spoofed or similar email address as the one the CEO or director of the charity would use.
The Charity Commission has advised charities to:
- Ensure that they have robust processes in place to verify and corroborate all requests requiring a payment or transaction.
- Get in touch with the purported originator directly, using contact details you know to be correct, to confirm that the request you have received is legitimate.
- Make all employees aware of these procedures and encourage them to challenge requests they think may be suspicious.
A statement by the department read: “Sensitive information you post publicly, or dispose of incorrectly, can be used by fraudsters to perpetrate fraud against you. The more information they have about you, the more convincingly they can purport to be one of your legitimate employees – always shred confidential documents before throwing them away.”