The police have notified Cifas of an increasing number of cyberattacks targeting organisations’ financial departments.

Appearing to be from a trustworthy contact of the organisation, the attackers send phishing emails claiming to be status updates for invoices in the hope that the victim will click on a link within the email and unknowingly download credential-stealing malware.

What action should you take?

We encourage all of our members and their colleagues to familiarise themselves with our cybersecurity guide - there are helpful tips for individuals receiving emails, as well as sending email, using the telephone and much more. 

And if you suspect a fraud, or other internet crime, remember to report it on the Action Fraud website.

Where a fraud or scam has actually taken place, it should be reported directly to Police Scotland.

Orange background with target illustration and hand holding arrow in the bullseye

Frauds and scams

Information to help Scottish law firms avoid becoming the victim of fraud or becoming involved in the facilitation of fraud or money laundering.