6th April marks the start of a fresh tax year in the UK. It seems an odd choice of date to mark an anniversary, and the reasons for this find their roots in Roman times. The Julian calendar was established under Julius Caesar, but this did not adjust correctly for the true duration of a year, which led to the introduction of the Gregorian calendar under Pope Gregory. England eventually decided to come into line with the Gregorian calendar in 1752, achieving this by stealing 11 days – Wednesday 2nd September 1752 was followed by Thursday 14th September 1752.
Taxes were traditionally collected on Lady Day – 25th March which was one of the quarter days when rents were due. In 1753 it was acknowledged that 11 days’ revenue would be lost, so the tax anniversary became 5th April, 11 days later. This was subsequently corrected to 6th April in a leap year, where it remains to this day.
As with every financial milestone – month end, year end, financial year end – the scammers are out to catch us off our guard. In a busy office where the bookkeepers are under pressure to meet deadlines, it is easy to give a cursory once-over to an email request for payment and not realise that they are about to fall victim to cybercrime!
You may have excellent antivirus and antispam protection, but even so emails can creep under the wire. If you click on an attachment or internet link, this can expose your computer to unwanted malware. In the worst case scenario, all your documents can be held to ransom and your only recourse is either to pay the criminals or to restore your documents from a backup.
These emails used to be quite crude and it would be easy to spot that something was amiss:
- riddled with spelling errors
- incorrect grammar
- not addressed to the recipient
- signature not matching email address.
I received an email this week which could pass muster if you were not alert to the dangers of the scammers’ tricks. There are, however, some tell-tale clues that all is not well. Here’s a guide to points to look out for:
- Sender email address: in this case it is a children’s hospice, so it does not make sense that they would be chasing outstanding debts. It is highly likely that the address has been spoofed, and of course it is not the hospice who is sending the email.
- Salutation format: here they used my first name followed by last name (which both appear in my email address) – not the normal way of addressing an email.
- Unknown debt: this sum does not tally with any outstanding invoices for my company
- Unknown creditor: I do not recognise the company name, which does not match the sender email either. If this were the name of one of your suppliers, you could easily be swayed into believing that the invoice is valid.
- Link with a different domain: the link names yet another company. These emails often have attachments; again hovering over them should reveal a name which does not match.
- Correct address details: unusually, the email gave my real address. This makes its veracity convincing, and is a concern on how they came by this information.
- No company details or contact information provided. This email does in fact conclude “sincerely” followed by a name which matches the sender email address, but nothing more. Companies are required to display information including the company registration number and registered address under the Companies Act.
The moral of this story: be wary when you handle financial emails. A little circumspection can go a long way to protecting your computer, and your company, from devastating harm.
Think before you click!
… And if you have inadvertently clicked on a rogue invoice attachment, all is not lost. Call Computer Troubleshooters and we will do our best to get you back up and running, and put measures in place to protect you in the future.