A TIAA client has been targeted by fraudsters in an attempted mandate fraud.

Mandate fraud occurs when a fraudster contacts an organisation with a request to change a direct debit, standing order or bank transfer mandate, purporting to be from a genuine supplier that regular payments are made to. If the organisation accepts the fraudulent request, the payments are then diverted to the criminal’s bank account.

The fraudsters have purported to be from Mitie, a supplier used across multiple sectors, and the fraudulent email content is regarding invoices and a new bank account.

  • Note the correct email domain for Mitie is mitie.com but fraudulent emails have been received from the domains mltle.com and mitiie.com. Other variations could also be used.

These fraudulent email addresses often contain a small change in detail that is difficult to spot. The email content may seem genuine with the name of the sender known to the organisation and a genuine email signature used.

There is no indication that Mitie were in anyway involved in this fraud. 

How to protect your organisation from fraud:

Before changing any supplier bank account details (direct debit, standing order or bank transfer mandate), always contact the supplier using established contact details in existing records and not from information supplied in a change request.

Read the NHS Counter Fraud Authority quick guide on mandate fraud prevention

Check if your organisation makes any payments to Mitie and be alert to correspondence requesting a change of bank details. If you think that your organisation has been a victim of mandate fraud, please notify your bank immediately to attempt to recover lost funds, and alert your Anti-Crime Specialist.

For further discussion and support, including fraud awareness training services please Contact Us.