Cyberattacks targeting finance teams

The police have notified Cifas of an increasing number of cyberattacks targeting organisations’ financial departments.

Appearing to be from a trustworthy contact of the organisation, the attackers send phishing emails claiming to be status updates for invoices in the hope that the victim will click on a link within the email and unknowingly download credential-stealing malware.

What action should you take?

We encourage all of our members and their colleagues to familiarise themselves with our cybersecurity guide - there are helpful tips for individuals receiving emails, as well as sending email, using the telephone and much more. 

And if you suspect a fraud, or other internet crime, remember to report it on the Action Fraud website.

Where a fraud or scam has actually taken place, it should be reported directly to Police Scotland.