NMBS is warning its members and suppliers to beware of fake emails claiming to be from the Buying Society, after an attempt was made to trick builders’ merchants into sending payments intended for NMBS into a fake account.
In early September a number of members received an email claiming to be from the buying group, informing them that NMBS had changed its bank account details, and asking them to begin sending their payments to a different account, starting from September 2019. In fact, the company has not changed its financial information, and the new bank account details were false.
Julie Langford, Finance & Operations Director says: “We were very concerned to learn of the attempt to defraud our members by tricking them into sending money to a fraudulent account. The email is completely false and none of our bank details have changed.
“We want to assure our members that we would never contact them by email to announce any changes in our financial or banking details. Email is simply not a secure enough platform to be communicating that type of business-critical information.”
NMBS has detailed security procedures in place to protect against cyber threats and is urging its members to take similar precautions. As standard security practice, if a member contacts the business by email or phone asking them to update their financial records about that merchant, the buying society requests the merchant submit a signed letter by post with all the details enclosed. On receipt of the letter, a representative will then contact the merchant directly to confirm that the request is legitimate, and will send back a letter of confirmation before any bank details are changed.
Langford continues: “These precautions do take extra time, but it ensures the company’s safety and security, our members and suppliers – something we take extremely seriously. Cyber-crime is a real threat to all businesses and as these types of cyber-attack become more sophisticated and more convincing, we must all be extra vigilant.”