Posted by Joe Scaife on August 16, 2017
Fraudsters have scored a hat-trick of cyber-attacks against hospices resulting in calls for the third sector to be extra vigilant.
Recent months have witnessed a succession of attempted, and in some cases, successful frauds in the hospice sector including three notable cases where fraudsters have used ‘vishing’ scams to target substantial six figure sums. Vishing scams are ways to elicit either banking or credit card information from someone, which may then be used against the hospice to clear its bank accounts or funds.
Last month, one hospice was subject to an elaborate hoax involving an online virus check and another narrowly avoided a sophisticated fraud whereby the hospice’s bank’s phone number appeared fraudulently on a caller display, only thwarted by the hospice’s robust financial controls and the alertness of its staff.
Cyber-attacks against the third sector are evidently becoming increasingly sophisticated, each targeting organisations where you would not normally expect them to succeed.
What should hospices be doing now?
These particular examples in the hospice sector, together with recent high profile attacks such as the ransomware virus affecting parts of the NHS, only serve to reinforce the need for organisations to be prepared and well protected against cyber-fraud. And this is no more pertinent than in the third sector where reputational damage is just as, if not more important, as the financial losses themselves.
Such crimes are complex which makes protecting organisations from fraud increasingly difficult. Yet charity Trustees have an obligation to manage their resources and ensure that funds are protected.
Hospices can undertake a number of measures to help protect against fraud, including promoting fraud awareness and training within the organisation, and reminding all finance staff to be extra vigilant and do not do anything without consultation. It is also good practice to remind trustees to ensure that management are satisfied that controls are in place to ensure that one person cannot authorise large payments, or override existing controls.
To find out how Bishop Fleming can assist your organisation, please contact a member of our team.