For many tradespeople, cyber security doesn’t seem like a huge priority. But in the new age of GDPR, it’s more important than ever to protect your customer information – particularly as there are new scammers on the loose.
Earlier this month, detectives in Northern Ireland uncovered an email fraud perpetrated by a con-man posing as a local tradie, and are warning others to be vigilant.
- HMRC scam warning: the latest con and 5 others to avoid
- Police demand £150 from tradesman - after he finds his own stolen van
- Tool theft hotspots: data reveals worrying trends for tradespeople
- Why do I need business insurance?
Thousands of pounds lost to scammers
The tradesman in question had his email account hacked. A message was then sent to one of his clients asking them to pay their outstanding bill into a new email account – one belonging to the hacker.
Fortunately, the scam was spotted and the transaction cancelled before payment could go through, but this isn’t the first time fraudsters have tried a technique like this. One couple in North London were fooled into handing over £25,000 to someone posing as their builder.
What’s different about this scam is that the tradesman’s email address was hacked. Often hackers just create a similar looking email address and hope the client will fall for it.
Tradespeople and their clients are frequently the target of scams like these because they tend to deal with large sums of money, so it pays to be careful and stay vigilant with your online presence.
Tradespeoples’ reputations on the line
Given that recent research has found that the public think certain trades are less trustworthy than others, it’s vital that tradespeople do everything they can to maintain customer trust.
While hacking or spoofing of email addresses might be unavoidable in some cases, there are steps you can take to make sure you clients don’t fall for it. Let them know in advance when you’ll be asking for payment, and in what form, and tell them to get in contact with you by phone if they have any concerns.
If you do suspect your account has been compromised, get in contact with your clients as quickly as possible to let them know, and make sure you follow GDPR regulations.