Whilst every effort is made to ensure that the material contained within all Derbyshire audit services' alerts is reliable, no representation is made that information is accurate or that legal or other guidance contained is correct.
Derbyshire audit services does not accept responsibility for any liabilities, losses or damages as a result of persons having relied upon the information provided. Any organisation should seek their own legal or professional advice where necessary in relation to any information contained in an alert.
Chief Executive Officer (CEO) Fraud
The council has recently been advised of a significant increase in the number of schools targeted by fraudsters, making financial requests whilst purporting to be the Head Teacher or Principal. As these requests often concern the authorisation of financial transfers or ‘urgent’ one off payments of up to £10,000, a number of schools have suffered substantial financial losses as a result.
Contact is generally targeted with emails sent to staff holding financial management responsibilities, from spoofed email accounts or addresses very similar to that of the headteacher or principal. The instructions given are usually very basic and designed to put pressure on the recipient by requesting that the payment is made as soon as possible.
Staff awareness and compliance with robust internal payment procedures are vital in identifying fraudulent requests to ensure that only genuine payments are processed. In the event that school staff receive suspicious emails or suspected fraudulent payment requests, the details should be reported to audit services.
We are aware of an increase in spam emails being received by schools since the beginning of April 2017. These include emails which sometimes appear to be from a Derbyshire County Council source such as SchoolSAP and tend to contain what looks like legitimate information about O2, Vodafone and UPS accounts.
The document attached to this page explains how to spot the emails and the action that should be taken to remove them.
Health and Safety publication invoices
Derbyshire schools are being approached by cold callers purporting to work for an organisation called Health and Safety for Schools and Colleges.
The caller requests to speak to the individual responsible for health and safety at the school and subsequently offers a 'free' health and safety newsletter as part of a launch offer. This newsletter is described as an eight page document covering aspects of health and safety such as accident prevention and safeguarding for students.
Although this offer is initially described as 'free', schools have reported receiving quarterly invoices from the company behind the scheme for continued receipt of a monthly publication at a cost of £98.98.
Following receipt of the invoice one school challenged the company as they had no record of this agreement being made, at which point the company provided the school with a recording of the cold call evidencing acceptance of the free trial by a school staff member. Although the free trial was accepted, it was not until the end of the call that the Health and Safety for Schools and Colleges representative briefly indicated that a subscription would continue thereafter.
Schools are advised that caution should be exercised when accepting any goods or services described as 'free' to ensure that engagement with potentially sharp business practices is avoided. Further instances of schools receiving invoices from these companies should be promptly reported to audit services.