The Charity Commission, the independent regulator of charities in England and Wales, is issuing an alert to charities that they're at risk of cyber-attack.
There are two prevalent scams for charities to be aware of:
· “Crime Prevention Advice” email – Fraudsters are sending out a number of phishing emails to personal and business email addresses with the subject heading ‘Crime Prevention Advice'. Charities could be at risk from this new email scam and are encouraged to be vigilant. The campaign's main function seems to be the distribution of powerful malware through a malicious email attachment.
· “Notice of Intended Prosecution” email – Fraudsters are sending out phishing emails to email addresses connected to businesses in the UK with the subject heading ‘Notice of Intended Prosecution' and ‘NIP – Notice Number' followed by a combination of letters and numbers. The primary function appears to be distributing Banking Trojan malware via a malicious link embedded within the email.
Charities are urged to protect themselves by checking that their virus protection is up to date, not to click on links or open attachments in unsolicited emails or SMS messages, install software updates as soon as they become available, undertake regular backups of important files and contact your bank immediately if you suspect your details have been accessed.
“Charities need to be aware of the imminent danger posed by malicious phishing emails and to take appropriate steps to protect their charity from cyber-attack – a charity's valuable assets and good reputation can be put at risk from these dangerous scams,” said Carl Mehta, head of investigations and enforcement at the Charity Commission.