Feeds

UK firms warned of corporate hijack risk

Companies House database scam

  • alert
  • submit to reddit

Beginner's guide to SSL certificates

UK firms are urged to look out for an emerging scam which specifically targets the Companies House database. Early Warning, the online fraud prevention group, says it is easy for fraudsters to change the registered office for the limited company whose details they have obtained.

Armed with the details of a particular limited company, including the postal address of the head office and its registered company number, a fraudster can submit a form to change the address of a firm to a mailbox address or even a short-let residential property. The information to carry out this Corporate ID theft can be easily found on the internet.

Once a "Form 287" is completed and submitted, Companies House will amend its database without getting confirmation; typically, conducts basic checks only . The fraudster is then at liberty to start opening trade accounts and ordering goods to be delivered to the bogus address.

The innocent company whose details have been altered by the fraudster will only find out about the scam when the debt collectors arrive, or when legal action is initiated to recover the goods that have been fraudulently obtained.

"Companies House cannot prevent hijacking. It does not have the power to investigate the contents and accuracy of forms sent to them for filing," said Andrew Goodwill, Early Warning's managing director.

Goodwill knows of three companies (a Kent property company, an antique dealer and flooring company, both in London) who have fallen victim to the scam. Early Warning became aware of the scam two weeks ago when fraudsters posing as one of the victim companies ordered computer hardware from an Early Warning member.

Fraud prevention

A spokesman for Companies House said it was aware of company hijacking as an emerging problem. To combat such frauds, an electronic filing service with built-in safeguards, called PROOF ,(PROtected Online Filing) has been introduced. If a company signs up to PROOF, Companies House will accept specific statutory forms in electronic format only, and will refuse any paper submissions of the form. "The system relies on electronic codes - not signatures - and has greater built-in security," the spokesman explained.

Firms still filing by paper have the option of using a Companies House monitoring service to keep tabs on documents filed with the organisation. An electronic version of this service was recently introduced. All very well - but shouldn't Companies House be checking more rigorously in the first place? Companies House says this is not practical: "We don't have the power and resources to go back and check 9m documents."

Goodwill called for firms to show vigilance: "Every Limited company should check their registered office details on the Companies House website and this should probably be done every month or so. Companies House has no responsibility to validate the details contained in Form 287 and that it may even require legislative changes to get them to do so," he said. ®

Related stories

Two-in-one ID theft, fee fraud scam debuts
Net fraudster nailed in East Ham
Email scammers target Nochex users
Forged cheque scam hits UK retailers
Nigerian freight forwarding scam hits UK

Secure remote control for conventional and virtual desktops

More from The Register

next story
Facebook pays INFINITELY MORE UK corp tax than in 2012
Thanks for the £3k, Zuck. Doh! you're IN CREDIT. Guess not
Big Content outs piracy hotbeds: São Paulo, Beijing ... TORONTO?
MPAA calls Canadians a bunch of bootlegging movie thieves
Google Glassholes are UNDATEABLE – HP exec
You need an emotional connection, says touchy-feely MD... We can do that
Lawyers mobilise angry mob against Apple over alleged 2011 Macbook Pro crapness
We suffered 'random bouts of graphical distortion' - fanbois
Just don't blame Bono! Apple iTunes music sales PLUMMET
Cupertino revenue hit by cheapo downloads, says report
US court SHUTS DOWN 'scammers posing as Microsoft, Facebook support staff'
Netizens allegedly duped into paying for bogus tech advice
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
Simplify SSL certificate management across the enterprise
Simple steps to take control of SSL across the enterprise, and recommendations for a management platform for full visibility and single-point of control for these Certificates.