Sub-menu Navigation

Reducing risk of online fraud

Following on from our Clubroom article in March and as the RYA’s endorsed Insurance Broker for Clubs, Training Centres and Affiliated Groups; we wanted to make you aware of some of the most common types of online fraud, what to look out for, and how you can reduce the risk to your organisation.

Phishing

Fraudulent attempts to obtain sensitive information such as usernames, passwords and financial details, disguising themselves as a trustworthy source.

Spoofing

Forgery of an email header so the message appears to have originated from someone or somewhere other than the actual source.

Vishing

Form of telephone fraud using automated recordings to harvest sensitive information such as passwords/usernames or PIN numbers.

Hacking

Unauthorised access to, or manipulation of, an email account or email correspondence to conduct fraudulent activity.

Here at Gallagher we have seen a rise in this type of criminal activity. You should look out for these warning signs:

  • Email contains poor grammar and spelling
  • Subtle difference in email address (sometimes just one character)
  • Sender’s email does not match the trusted organisation’s website address
  • Email sent from a completely different email address
  • Email requests you click on unusual links

What should you do if you think you may have received a scam email?

  • Do not click on any links in the email
  • Do not reply to the email or contact the senders in any way
  • If you have clicked on a link in the email, do not supply any information on the website that may open
  • Do not open any attachments that arrive with the email

Examples of cyber fraud

Criminals are using sophisticated impersonation tactics to defraud people/organisations. Back in December 2018’s Club Room, RYA advised of two Affiliated Clubs that had experienced fraudulent email scams.

In one case, the Treasurer received emails purportedly from the Commodore and Vice Commodore, requesting an urgent bank transfer for maintenance work. The names of the General Committee and the email address for the Club Treasurer (a generic address) were publicly available on the Club’s website, which the fraudsters could easily obtain and use to their advantage.

In another case, a Club received an invoice by email for roof repairs purportedly from the company that had recently carried out the repair on its behalf. It paid the invoice, which later turned out to be fraudulent.

Understandably both Clubs looked to their banks for recovery of money lost however the banks were unable to assist as they were not at fault.

There is no doubt that online fraud is increasing and the Government quite rightly is concerned, it has therefore asked the banking industry to tighten up security measures¹. Banks are increasingly seeking confirmation of payee bank details when using telephone banking, citing the rise of email scams as the reason. The banking industry and Government have joined forces to launch a national campaign aimed at offering advice to help customers defend themselves against fraud¹.

If you require further guidance, please do not hesitate to contact the RYA Legal Team on 023 8060 4223 or legal@rya.org.uk

If you would like to discuss your cyber exposure and insurance options then contact the dedicated RYA team at Gallagher on 0800 062 2309. Alternatively click here to find out more about the Gallagher Cyber Liability product.

https://www.ft.com/content/fe2a6a88-a451-11e7-9e4f-7f5e6a7c98a2

https://www.fintechfutures.com/2018/09/uk-government-and-banks-plan-anti-fraud-initiative/

Royal Yachting Association is an Introducer Appointed Representative of Arthur J. Gallagher Insurance Brokers Limited which is authorised and regulated by the Financial Conduct Authority. Registered Office: Spectrum Building, 7th Floor, 55, Blythswood Street, Glasgow, G2 7AT. Registered in Scotland. Company Number: SC108909. FP842-2019. Exp. 14/08/2020

Find books for your course at the RYA Shop

eBooks in the cloud
Our handy guide shows the books & DVDs that go with your course!
Please select...