This article is part of our collection on Agriculture
Traditional farmers in the most remote regions of Scotland are being targeted by thieves – on their computers.
Last updated: 21 Jul 2020 6 min read
Last summer, an Ayrshire farmer decided to buy himself a new tractor. As it cost several thousand pounds, he signed a finance agreement with his bank and eagerly awaited delivery of the machine.
It never arrived. What came instead was a call from the dealer demanding payment. The farmer contacted his bank and was told it had never finalised the finance agreement because the farmer had stopped answering their emails.
It turned out a fraudster had hacked into the farmer’s emails, posed as the bank contact – and got the farmer to send him all his money.
The scam, known as ‘ghosting’, is just one technique criminals are increasingly using to fleece victims in rural Scottish communities.
“Wherever we live, we’re at risk of cybercrime,” says Detective Inspector Alan Dron of Police Scotland’s rural crime team. “But those in rural communities – one in five of Scotland’s population – are particularly vulnerable.”
There are several reasons why, he adds. “Most farmers and forestry workers don’t retire at 65 and many of these people are online but not tech-savvy enough to be aware of the dangers. They are also extremely busy and might typically have one evening a week for admin, so they rush through it. That means if they get an email that says ‘final payment owed’ they’ll pay it without double checking, which can give fraudsters a way in.
“Farmers are also very proud and don’t want to admit they’ve been duped. But not reporting it means we can’t find the crooks and stop it happening to anyone else.”
The lack of reporting makes it difficult to quantify the exact scale of the problem. Indeed, the cost of rural crime in Scotland actually fell 3.8% last year to £1.5m – compared with a 41% surge in Wales, says the National Farmers’ Union (NFU). But according to the Office for National Statistics, cybercrime now accounts for almost half of all crimes.
“We’ve seen a huge rise in this type of crime,” says Ken Fletcher, editor of the Scottish Farmer. “A lot of money passes through farms – EU subsidy payments make farmers vulnerable at this time of year, but in any week, taking 50 cattle to market could get a farmer £50,000.”
And fraudsters are well aware of this, warns Gerard Grant, chief ethical hacker at the Scottish Business Resilience Centre (SBRC). “Hackers follow the money,” he says. “They know when and where those subsidies are paid. We’d urge farmers to be wary of unsolicited calls and emails and to 100% verify their source before taking any action.”
“This is such a busy time of year, with calving, lambing and spring work, that farmers could be easily caught out by alarming calls from people claiming to represent their bank”Kenny Slater, secretary, Orkney NFU Scotland
The fraudsters’ most common methods are phishing (using false emails or weblinks to obtain their victim’s financial information); hacking an account to steal someone’s ID; and invoice fraud.
Says DI Dron: “Ensure your computer has the latest security software, patches and updates, and choose strong passwords. But this is about vigilance. Never give personal information to anyone, never open or forward chain emails. Review bank and credit card statements regularly – and if an online offer looks too good to be true, it almost always is.”
But fraudsters don’t just get in via your computer. Just recently, an Orkney farmer lost “a five-figure sum” when a conman claiming to be from his bank phoned to verify a payment to HMRC. The conman knew the farmer had made no such payment but told his victim he could stop the money going out of his account – and then duped him into giving him his bank details.
Orkney NFU Scotland secretary Kenny Slater says the victim, while choosing to remain anonymous, was keen to share his story. “This is such a busy time of year, with calving, lambing and spring work, that farmers could be easily caught out by alarming calls from people claiming to represent their bank,” says Slater. “Genuine callers from your bank will never ask you for a payment or details from your account. And if they invite you to call your bank to verify it, do so from a different phone because they’ll still be on the line.”
Police are working with farmers to raise awareness of cybercrime in the agricultural sector. Police Scotland and SBRC’s inaugural cybercrime prevention surgeries at last summer’s Royal Highland Show proved so popular they’ll be repeated at this year’s event at Ingliston, Edinburgh, in June. Meanwhile, the two organisations have teamed up with Royal Bank of Scotland to launch The Little Book of Big Scams, an advice booklet that can be downloaded here .
But getting that message across is still a challenge. According to the government report Cyber Crime In Scotland, while only 7% of internet users have no security in place, they are 20% more likely to be older users and/or living in more deprived areas.
Says Fletcher: “The problem is many farmers, particularly the older generation, take people at their word because that’s how they’ve always done business. They’re too trusting. And there’s sometimes stubbornness, too – it’s not unusual to have three generations where the 80-year-old head of the family clings to the chequebook and makes all the financial decisions, not listening to the often very sound advice around him.”
DI Dron is confident the message can hit home – if it’s clear enough. “If you warn some rural farmers about phishing, they think you mean a rod and reel,” he says. “We need to put out messages, leaflets, signs, in simple terms. This isn’t to patronise – farmers are extremely smart and don’t need to be spoken down to, but we also know they are very busy and have enough to do without reading all the detail. We need to get a basic warning out there.”
Meanwhile, the Ayrshire farmer scammed out of his tractor cash is still trying to get his money back. “Even in hindsight, and having reviewed the emails,” he says, “the only indication an intruder had taken over the email conversation was a slight change in writing style, something that we simply assumed was a banker typing in a hurry. Everyone is vulnerable. Everyone needs to ensure it doesn’t happen to them.”
For more information on how we can helpVisit our NatWest Business site