Cyber Threat – Companies House Emails

In the last few weeks a number of our clients have reported a new style of email attack – purporting to be from Companies House. These emails are “reminders” of documents which are due to be filed shortly, or overdue, such as accounts or annual confirmation statements – but the links to go to the Webfiling section of Companies House instead direct you to a fraudulent website.

At present, the trend seems to be primarily targeted at the legal and financial sectors, with the intention presumably being to gain access to high value client accounts through the recipient clicking the link. However, Companies House is, alongside HMRC, a body which is relevant to virtually all UK businesses and so there is a very widespread opportunity for this method to be targeted at virtually any UK business, without the need for much in-depth research from the fraudsters.

How do I know if an email is genuine?

Firstly, check the email address – if this comes from a domain name ending in “@companieshouse.gov.uk” (and isn’t another email “on behalf of…”) then this email should be genuine. You can also hover over any link in an email and it will tell you the web address that it is pointing at.

If the email suggests you have imminent or overdue documents, or threatens strike off action, then the best way is to just check your company’s record by logging onto Companies House directly – https://beta.companieshouse.gov.uk – and search for your company name / number; it will tell you on the “Overview” screen when your next documents are due, and highlight any overdue ones very clearly. You can of course also call Companies House to check this on 0303 123 4500.

Finally, if you are still uncertain, there are a number of verification websites available (such as www.whois.net) that will confirm the date of registration and owner of a domain. Just put in the bit after the @ sign and it will confirm the owner and date of registration – if the date is recent or owner overseas, it is almost certainly a fraudulent email.

What if I’ve already clicked on a link?

If you have done this, it is almost certain that your computer has been infected, and you should immediately contact your IT support team to investigate further, and to try to contain the damage.

What other types of cyber threats are there?

Many! Email is an easy target (they also come with virus-embedded attachments, spyware, and various attempts to gain access) but most cyber threats rely on the weak link in the chain – humans.

As ever, IT security is a real threat, and many businesses end up thousands out of pocket from the slightest breach – without even considering the time lost and damage to reputations. The legal and financial sectors, plus any other businesses that hold high levels of cash, should be particularly vigilant and ensure that all staff receive suitable training on this topic.

If you would like any further advice on this area, or have any concerns over an email that you may have received, please contact Alex Hird at hello@garbutt-elliott.co.uk or fill in our contact form below: