Urgent! Beware charity gift card scams
Have you heard of CEO fraud? It’s where a scammer impersonates the CEO of a company, emails an employee (using a credible, possibly hacked, email address), instructing them to transfer a large sum of money into a bank account. Earlier this year, The Charity Commission highlighted this kind of fraud as being particularly prevalent in the charity sector. Now there’s a new version of this kind of fraud, and it relates to gift card vouchers.
The Charities Commission has issued a warning to charity volunteers, employees, and trustees, about the increasing threat of CEO fraud, using Christmas gift cards.
CEO fraud happens when a scammer fraudulent impersonates a senior charity figure. They simply email a member of staff instructing them to transfer cash funds to their bank account. They either use a genuine email address that they’ve hacked into, or they create an email address that’s close to a genuine email address.
The new Christmas gift card version of this fraudulent behaviour works like this –
The fraudster contacts an employee of the charity, by email, just as before, pretending to be the CEO or someone of a similarly high position. They instruct the employee to purchase a quantity of gift card vouchers, as Christmas gifts for the employees.
Once the staff member has bought the vouchers, the scammer asks for copies of the cards and the associated codes. He now has all he needs to use the vouchers for his own purposes.
The Charity Commission is urging all charities to make sure they have verification procedures in place that are robust. These procedures should be include checking, verifying and corroborating all instructions that require any kind of transaction or payment.
If the staff do receive any such request, they should immediately contact the supposed originator of the request and double-check whether the request is legitimate. They should do this using means other the email address from which the original request came.
All staff should be made aware of these procedures. Managers and colleagues should encourage employees to challenge requests where they feel something just doesn’t ‘smell right’.
Take care with company information
The Charity Commission further advises against the dangers of allowing sensitive company information to be made public. Similarly, how potentially sensitive information is disposed of should also be carefully monitored. It’s lax processes in these areas that encourage scammers and fraudsters to carry out fraud against charities. The more data they have, the more convincing they can be when dealing with employees.
This legal information is not the same as legal advice and you may not rely on our post as a recommendation of any particular legal understanding. Please, consult an attorney if you’d like to get advice on your interpretation of this article.