An independent builders merchant has issued a warning to others to be vigilant when accepting suppliers’ bank details by email after being caught out by a fraudulent email.
Tony Sharkey, managing director of JTD Building Supplies in Holmfirth, paid a new supplier after receiving an email with bank details that turned out to be fraudulent.
“The worrying thing is that it was all part of the original email thread,” he told BMJ. “Somehow the original email conversation had been hi-jacked. I’m told it was probably a done via a Trojan that got in to the system somehow, searching for key words or phrases. Because it was a part of the email thread, it never occurred to me – and probably wouldn’t to anyone else either – that it could be wrong.”
Sharkey said that the amount – just over £5,000 – was not, thankfully, high enough to cause serious business issues, but was “enough that it is a real nuisance to have to sort out and isn’t something I would want to lose.”
He added that there may be a possibility of some of the money being recoverable, but that the bank will not release any further details, citing Data Protection rules.
“It’s a lesson that we have learned now. We will not pay anyone just on the basis of an email conversation about bank details in future.”