World Rugby, the global governing body of the game of Rugby, has issued an urgent cyber fraud alert to all member unions of the game.

In a letter dated February 14 2024 and addressed to secretaries, Chief Executive Officers of unions and regional associations in membership of World Rugby, the chief international relations and participations officer of World Rugby Mr. David Carrigy warned all members to be cognisant of emerging cyber and fraud threats that are increasingly affecting all organisations but particularly rugby unions and to take urgent measures to address these emerging threats.

Below is the full letter from World Rugby:

2402 CL Cyber Fraud Awareness Letter

We would like to raise awareness of cyber and fraud threats that are increasingly facing all organisations.

Fraud and cybercrime is a highly impactful enterprise and an ever-present threat, with fraudsters continually finding new and sophisticated ways to target both individuals and businesses. Unfortunately, our organisations are also exposed to these risks. We have recently witnessed a few instances where the rugby community has been targeted.

This can often take the form of impersonation fraud, whereby email accounts are accessed by fraudsters and fake communications are issued. Fraudsters may intercept invoices to change the recipient bank details or may contact others for requests for money. These fraudulent communications can be very convincing. Fraudsters will often try to copy the language and approach of their victims to appear genuine and can gain a lot of information over time through emails. They may also use techniques to create a sense of urgency to convince individuals to make payments or part with sensitive information.

What can I do about this?

• Check your cyber protection. Do you have strong password protection on email accounts? Have

you enabled multi-factor authentication? Do you know how to report any concerns within your organisation?

• Follow your internal processes. If bank account details have been changed, make contact with

the recipient to verify they are legitimate. Do not trust contact details provided on invoices. If the invoice has been compromised, the fraudster will have likely changed the contact details as well.

• Check email addresses. A very common approach is to slightly amend an email address so that a fake address looks legitimate. For example, @worldrugby.org (valid) vs @worldrugby.com (fake) or @world.rubgy (fake). Fraudsters may also slightly amend the spelling of first or last names to make the address look familiar. If you know the recipient, call them on a trusted phone number to verify information.

• Look for warning signs. Has the language or tone of an email changed? Has an invoice been reissued with changed account details or a different font? Is someone seeking urgent payment or citing an emergency situation? These are all common red flags of impersonation fraud. Remember the recipient may have had their account unlawfully accessed by criminals, so the email address might be genuine. You should take extra care to confidently validate authenticity before making any payments.

Fraud awareness is one of the best ways to help protect yourselves against these threats. Please rest assured that you can feel confident in operating your business as usual. If you have any questions or concerns or would like further information on best practices, World Rugby can offer advice and guidance at infosec@worldrugby.org.