Infrastructure payment scam

5 February 2020

We’ve been alerted to a new infrastructure payment scam. Fraudsters are targeting Community Infrastructure Levy (CIL) payments from developers. A CIL payment is a tax on new developments that councils can spend on infrastructure. It’s discretionary so not all councils use it, but many do.

The scam involves spoofed email addresses that appear to be from council staff. A fraudster will request that a payment is made to a different bank account. This is known as mandate fraud, which can happen through phishing and whaling. Developers and architects should be aware that a number of councils nationally have been affected.

How does it work?

A fraudster will contact the developer, pretending to be from the council, asking for the payment to be made. They provide their own bank account details. Payments as large as £40k have been requested by fraudsters using emails that look genuine.

If you are at all unsure, do not proceed with payment, and contact the council.

It is important that all emails relating to payments are closely scrutinised before any money is transferred. For example a fraudster may use a council officer’s name followed by ‘’, rather than ‘’.

Many councils frequently take payments for CIL from developers. Fraudsters are aware of this and may target specific projects and their developers. We recommend that councils contact all current developers to warn them about this scam.

How to prevent mandate fraud:
  • Always question any request to change payee details regardless of the source or circumstance.
  • Always independently verify the request through established channels.
  • Always closely check that an email is genuine. Look out for spoofed addresses, unusual wording, and spelling mistakes.
  • Never assume that a request is safe because a colleague trusts the source.
  • Never allow yourself to be pressured into bypassing agreed verification processes and procedures.