Feeds

UK firms warned of corporate hijack risk

Companies House database scam

  • alert
  • submit to reddit

Top 5 reasons to deploy VMware with Tegile

UK firms are urged to look out for an emerging scam which specifically targets the Companies House database. Early Warning, the online fraud prevention group, says it is easy for fraudsters to change the registered office for the limited company whose details they have obtained.

Armed with the details of a particular limited company, including the postal address of the head office and its registered company number, a fraudster can submit a form to change the address of a firm to a mailbox address or even a short-let residential property. The information to carry out this Corporate ID theft can be easily found on the internet.

Once a "Form 287" is completed and submitted, Companies House will amend its database without getting confirmation; typically, conducts basic checks only . The fraudster is then at liberty to start opening trade accounts and ordering goods to be delivered to the bogus address.

The innocent company whose details have been altered by the fraudster will only find out about the scam when the debt collectors arrive, or when legal action is initiated to recover the goods that have been fraudulently obtained.

"Companies House cannot prevent hijacking. It does not have the power to investigate the contents and accuracy of forms sent to them for filing," said Andrew Goodwill, Early Warning's managing director.

Goodwill knows of three companies (a Kent property company, an antique dealer and flooring company, both in London) who have fallen victim to the scam. Early Warning became aware of the scam two weeks ago when fraudsters posing as one of the victim companies ordered computer hardware from an Early Warning member.

Fraud prevention

A spokesman for Companies House said it was aware of company hijacking as an emerging problem. To combat such frauds, an electronic filing service with built-in safeguards, called PROOF ,(PROtected Online Filing) has been introduced. If a company signs up to PROOF, Companies House will accept specific statutory forms in electronic format only, and will refuse any paper submissions of the form. "The system relies on electronic codes - not signatures - and has greater built-in security," the spokesman explained.

Firms still filing by paper have the option of using a Companies House monitoring service to keep tabs on documents filed with the organisation. An electronic version of this service was recently introduced. All very well - but shouldn't Companies House be checking more rigorously in the first place? Companies House says this is not practical: "We don't have the power and resources to go back and check 9m documents."

Goodwill called for firms to show vigilance: "Every Limited company should check their registered office details on the Companies House website and this should probably be done every month or so. Companies House has no responsibility to validate the details contained in Form 287 and that it may even require legislative changes to get them to do so," he said. ®

Related stories

Two-in-one ID theft, fee fraud scam debuts
Net fraudster nailed in East Ham
Email scammers target Nochex users
Forged cheque scam hits UK retailers
Nigerian freight forwarding scam hits UK

Beginner's guide to SSL certificates

More from The Register

next story
Facebook pays INFINITELY MORE UK corp tax than in 2012
Thanks for the £3k, Zuck. Doh! you're IN CREDIT. Guess not
DOUBLE BONK: Testy fanbois catch Apple Pay picking pockets
Users wail as tapcash transactions are duplicated
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Google Glassholes are UNDATEABLE – HP exec
You need an emotional connection, says touchy-feely MD... We can do that
YARR! Pirates walk the plank: DMCA magnets sink in Google results
Spaffing copyrighted stuff over the web? No search ranking for you
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.