Your security on plusberry.com

At plusberry.com, we’re committed to helping you providing the services in a safe and secure environment.

Accountancy services remain an attractive target for criminals, used to help their funds gain legitimacy and respectability, as implied by accountants’ professionally qualified status. Some services provided by accountants are at higher risk than others.

On these pages, you can learn more about some of the most common internet security threats, what you can do to protect yourself, and what we do to ensure your details remain secure.

Money Laundering:

Financial institution like banks, currency exchange houses, check cashing facilities, and payment processing companies have higher money laundering risks. Services that are identified as higher risk include company formation and termination, mainstream accounting, and payroll. We are continually educating ourselves with International money laundering risks as part of our firm-wide risk assessment, and enhanced due diligence procedures are needed for clients that are established in high-risk countries to mitigate the risks to the firm.

Accountants play an essential role in preventing money laundering by understanding risks, meeting regulatory obligations and encouraging compliance and good practices to mitigate these risks. Reviewing firm-wide risk assessments of money laundering threats on a regular basis is imperative for accountancy firms to make sure they have identified all the areas relevant to their own business – particularly as the risk may evolve because of changes to the firm’s client base, geography and services provided.

Money laundering scams usually have five key stages in simple terms:

  1. An employee responds to a fake email like job offer
  2. the employee is asked for their bank details to pay money into.
  3. A cheque is paid into the their bank account
  4. The employee is instructed to transfer a portion of the funds into another account(often via a money transfer service, such as Western Union or MoneyGram) and keep the remainder as their payment
  5. Once the employee has transferred the money, the cheque bounces and the victim is left with the debt

Falling victim to a money laundering scam is not only distressing, it can also affect credit ratings and bring victims under suspicion of criminal activity.
However, there are a number of tell-tale signs to look out for to help you spot a potential money laundering scam:

  1. Are you being offered an opportunity to work from home? Usually, this type of scam email includes the offer of a great opportunity to work from home as a transaction processor or similar.
  2. Is the salary offered realistic? Usually, the fake jobs being offered in this type of scam offer an unrealistically high salary.
  3. Are you being asked for bank details? Money laundering scammers will ask you for your bank details. You should never give these out to a company you don’t completely trust.
  4. Do you have a personal contact? In most money laundering scams, communication will be carried out entirely over email and/or instant messaging, with no telephone or face to face contact.
  5. Are there spelling and grammar mistakes in the email? Money laundering scam emails often originate from outside the UK and spelling and grammar mistakes are common.

If you’re suspicious of any email you receive, please contact us at Enquiries including the subject line of the email you received, and the email address it was sent from.

Higher risk services

Trust and company formation services
This can be used to enable the laundering of millions of pounds, conceal the ownership of criminal assets and facilitate the movement of money to secrecy jurisdictions. The risk is highest when coupled with other high-risk services or factors, such as a client in a high-risk country.

Accountancy and bookkeeping services
Criminals will falsify underlying books and records to hide criminal activity and engage a professional accountant to prepare the financial statements to legitimise them and benefit from the veneer of respectability provided by the professional adviser. Another way in which the criminal can mask the true nature of the transactions is with ‘incomplete records’ engagements where the accountancy firm or bookkeeper is asked to use bank statements to prepare the accounts and not the underlying books and records.

Payroll services
This may include the handling of clients’ funds and so the accountant may provide services that legitimise the proceeds of a crime e.g. ghost employees or individuals recorded as an employee who aren’t performing tasks or modern slavery. The NCA has published indicators of modern slavery and human trafficking in the accountancy sector, providing red flag indicators to be aware of during payroll engagements. The risk is highest where staff have not received AML training tailored to payroll services, staff are not client-facing, or there is poor quality information provided by the client.

Tax advice
Although there are many circumstances where providing tax advice to reduce a tax liability is legal, there is a risk that an accountant or tax adviser may provide tax advice that assists the client in masking their true income, or structuring their income and wealth to gain an illegal tax advantage.

Phishing:

Phishing emails are an increasingly common method used to try and gain access to personal details in order to carry out fraud or identity theft.
Typically, a phishing email will claim to have been sent by a reputable organisation and ask that you respond to the email with your username and/or password or that you enter your sign in details over a ‘secure’ connection.
Whilst phishing emails can seem very professional, there are usually a number of clues to alert you to the fraudulent nature of the emails.
When reading an email claiming to be sent from plusberry.com, you should always keep the following questions in mind:

  1. Are you being asked to provide your password? plusberry.com will never ask you to provide your password in response to an email or phone call.
  2. Are there spelling and grammar mistakes in the email? Phishing emails often originate from outside the UK and spelling and grammar mistakes are common.
  3. Are you being asked to download something? If you don’t recognise a file, don’t download it. All plusberry.com account details are stored online, so we’ll never ask you to download anything to use the service.
  4. Are you being threatened with losing access to your account? Phishing emails sometimes make it seem like you’ll lose access to your account unless you download something or provide your sign in details. Plusberry.com will never ask you to do anything like this in order to keep your account open.

If you’re suspicious of any email you receive from itthread.com, please contact us at Enquiries with the subject line of the email, and the email address it was sent from.

Spoofing:

‘Spoofing’ occurs when a criminal creates an exact copy of a website in order to make a fraudulent company look legitimate.
A spoofed website will usually look exactly the same as the website of a legitimate company, but with a slightly different web address (e.g., ‘.biz’ instead of ‘.com’ or ‘.co.uk’).
If you’re suspicious of any website you’re directed to as a result of your dealings with plusberry.com, please contact us at Enquiries and we’ll investigate.

Identity theft:

Identity theft occurs when an individual steals personal details from someone else, and uses the information to fraudulently impersonate that individual.
Victims of ID theft often find that their details are used to open bank accounts and obtain credit in their name.
Identity theft can only take place where a criminal has been able to gain access to enough personal details to create false documents in another person’s name.

In order to avoid becoming a victim of identity theft:

  1. Never give out sensitive personal information such as your bank details, date of birth or National Insurance number in relation to an email
  2. Look out for spelling and grammar mistakes in emails you receive
  3. Never give out your sign-in details in response to an email

If you suspect that you’ve been a victim of identity theft, you should contact the police as soon as possible.

What you can do to protect yourself?

Account security:
Online security risks can be minimised simply by ensuring that your password is always kept secure.
We recommend you follow the password security advice below:

  1. Always use a password which is personal and does not contain your name, email address or the word ‘password’
  2. Ensure your password contains letters, numbers and special characters like ‘!, & etc’
  3. Never give your password out to anyone – we will never ask you for your password
  4. Change your password at least once every three months
  5. Take a moment to memorise your password so you don’t need to write it down
  6. Try and use a different password for each different website you use

Security on uploading:
When uploading your data to plusberry.com  it’s important you provide enough information on how to contact you.

However, in order to ensure your security online, you should never include any of the following:

  1. National Insurance number
  2. Driving license number
  3. Bank details
  4. Credit card details
  5. Passwords
  6. Date of birth

General advice:

It’s always important to be mindful of your security and safety online. Look at our top 10 tips to staying safe online to make sure you’re not putting yourself at risk.

  1. If it looks too good to be true, it probably is. Be wary of any offers.
  2. Never provide personal details other than what is abosolutely necessay for us to contact you. There’s no need for us to request your bank details before we have started providing the services and signed a contract with you or the company.
  3. Never agree to process funds through your personal bank account on behalf of a company. Any legitimate company will have corporate accounts, so would never ask you to do this.
  4. Never provide your personal details listed over a non-secure connection. If you’re being asked for it, look for the “https://” at the beginning of the website address.
  5. Don’t upload your date of birth, NI number.
  6. Look out for bad spelling and grammar. Email scams often originate from outside the UK so may not contain perfect English.
  7. Never provide your username and password in an email purporting to be from plusberry.com. We’ll never ask you to provide this information in an email.
  8. Be wary of emails with no personal contact. It’s very unlikely that we would send you an email without a telephone and/or face to face communication.
  9. Keep your password secure and up-to-date. Passwords should be changed at least once every three months and shouldn’t contain your name, email address or the word ‘password’.
  10. If in doubt, report it. If you’re suspicious about any contact you receive related to plusberry.com, please contact us at Enquiries and our Customer Support Team will investigate.


What we’re doing to protect you:
We’ve partnered with several industry leaders to ensure you receive the most secure levels of service possible whilst using the site and services.

Virus protection:
Plusberry.com uses virus and spam filter which automatically scans, detects, and quarantines new viruses, ensuring that all documents uploaded to or downloaded from plusberry.com or emails are safe and virus-free.

Data:
Plusberry.com‘s servers are securely hosted and managed and ongoing vulnerability assessment services and security monitoring of plusberry.com’s servers are provided on a regular basis.

Registered Office
Plusberry Limited
14 Eve Road
Woking
Surrey, GU21 5JT
Company Registration No. 07062818. Registered in England and Wales.