Protecting charity and not-for-profit sectors from cyber crime and fraud
Main article content
We are supporting 'International Charity Fraud Awareness Week' between 19-23 October 2020.
The aim of this week is to bring together everyone involved in the charity and not-for-profit sectors to raise awareness and share good practice in tackling fraud and cybercrime.
These sectors are susceptible to fraud and can be targeted. Those providing services and supporting local communities may be especially vulnerable to fraudsters attempting to exploit the current national and global crises to carry out fraud and cybercrime. This means that now, more than ever, charities need to be fraud aware and take steps to protect their money, people and assets from harm.
This year’s campaign has three core messages:
Be fraud aware
Charities hold information that can be attractive to fraudsters:
Don’t click on links within unexpected or unsolicited emails and text messages. Verify with the person or organisation using known contact details (not those used in the email).
Make sure your staff and volunteers are fraud aware and give them a safe way to raise their concerns.
Take time to check
Criminals are experts at impersonating people and businesses:
If it looks too good to be true, it probably is!
Have you been asked to amend an existing supplier’s bank account details? Take time to confirm it is genuine using known contact details before making payment, even if it appears to have come from their official email account.
Query unsolicited offers of 'free help' or financial support where an advanced fee payment is required.
Regularly check your charity’s bank statements to spot unusual or suspicious activity.
Keep your charity safe
Keep full financial records and put all important decisions in writing.
When paying someone for the first time, consider transferring a small amount first. Check that it has been received before paying the remainder.
Do not give anyone remote access to your computer following a cold call or unsolicited text.
Use strong passwords consisting of three random words for all your accounts and ensure you add 2FA (2-Factor Authentication) to all accounts where possible using the privacy settings.