Feeds

UK firms warned of corporate hijack risk

Companies House database scam

  • alert
  • submit to reddit

The Power of One Infographic

UK firms are urged to look out for an emerging scam which specifically targets the Companies House database. Early Warning, the online fraud prevention group, says it is easy for fraudsters to change the registered office for the limited company whose details they have obtained.

Armed with the details of a particular limited company, including the postal address of the head office and its registered company number, a fraudster can submit a form to change the address of a firm to a mailbox address or even a short-let residential property. The information to carry out this Corporate ID theft can be easily found on the internet.

Once a "Form 287" is completed and submitted, Companies House will amend its database without getting confirmation; typically, conducts basic checks only . The fraudster is then at liberty to start opening trade accounts and ordering goods to be delivered to the bogus address.

The innocent company whose details have been altered by the fraudster will only find out about the scam when the debt collectors arrive, or when legal action is initiated to recover the goods that have been fraudulently obtained.

"Companies House cannot prevent hijacking. It does not have the power to investigate the contents and accuracy of forms sent to them for filing," said Andrew Goodwill, Early Warning's managing director.

Goodwill knows of three companies (a Kent property company, an antique dealer and flooring company, both in London) who have fallen victim to the scam. Early Warning became aware of the scam two weeks ago when fraudsters posing as one of the victim companies ordered computer hardware from an Early Warning member.

Fraud prevention

A spokesman for Companies House said it was aware of company hijacking as an emerging problem. To combat such frauds, an electronic filing service with built-in safeguards, called PROOF ,(PROtected Online Filing) has been introduced. If a company signs up to PROOF, Companies House will accept specific statutory forms in electronic format only, and will refuse any paper submissions of the form. "The system relies on electronic codes - not signatures - and has greater built-in security," the spokesman explained.

Firms still filing by paper have the option of using a Companies House monitoring service to keep tabs on documents filed with the organisation. An electronic version of this service was recently introduced. All very well - but shouldn't Companies House be checking more rigorously in the first place? Companies House says this is not practical: "We don't have the power and resources to go back and check 9m documents."

Goodwill called for firms to show vigilance: "Every Limited company should check their registered office details on the Companies House website and this should probably be done every month or so. Companies House has no responsibility to validate the details contained in Form 287 and that it may even require legislative changes to get them to do so," he said. ®

Related stories

Two-in-one ID theft, fee fraud scam debuts
Net fraudster nailed in East Ham
Email scammers target Nochex users
Forged cheque scam hits UK retailers
Nigerian freight forwarding scam hits UK

Mobile application security vulnerability report

More from The Register

next story
BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
Auntie tight-lipped as major outage rolls on
iPad? More like iFAD: We reveal why Apple fell into IBM's arms
But never fear fanbois, you're still lapping up iPhones, Macs
Sonos AXES support for Apple's iOS4 and 5
Want to use your iThing? You can't - it's too old
Stick a 4K in them: Super high-res TVs are DONE
4,000 pixels is niche now... Don't say we didn't warn you
Philip K Dick 'Nazi alternate reality' story to be made into TV series
Amazon Studios, Ridley Scott firm to produce The Man in the High Castle
There's NOTHING on TV in Europe – American video DOMINATES
Even France's mega subsidies don't stop US content onslaught
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
Too many IT conferences to cover? MICROSOFT to the RESCUE!
Yet more word of cuts emerges from Redmond
Joe Average isn't worth $10 a year to Mark Zuckerberg
The Social Network deflates the PC resurgence with mobile-only usage prediction
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.