Fraud Alert - Fake Senior Management Emails


We have been made aware by several NHS organisations that members of finance / accounts payable teams have been receiving “phishing” emails using the names of actual directors, executives and CEOs, which have seemingly been sent from non-NHS email accounts.

The emails include subject headers such as ‘Urgent Account’ and ‘Action Required’, asking for prompt payment of an “overdue invoice” to be made “as soon as possible”. This is a social engineering tactic used by fraudsters to apply pressure to the recipient to either

a) open an attached invoice, which may contain a virus, or
b) to bypass normal procedures and controls and get them to do something they would not usually do.
Advice:

All NHS staff, and in particular finance staff, should maintain vigilance for these types of phishing emails, and do not open attachments from unknown sources. Report them to your IT team, then delete them.

If you believe you have fallen victim to such a fraud in the NHS workplace, please report it to your Anti-Fraud Specialist.


Latest News & Insights

LOCATIONS

MIAA, Regatta Place
Brunswick Business Park
Summers Road
Liverpool
L3 4BL

Email: miaa.admin@miaa.nhs.uk

Tel: 0151 285 4500 (9am - 5pm Mon-Fri)

FOLLOW

Twitter Linkedin

STAY CONNECTED

Get in touch at miaa.admin@miaa.nhs.uk

© Copyright - MIAA