07 3237 8777

ACCC release urgent warning to businesses over huge spike in scam victims

The Australian Competition & Consumer Commission (ACCC) has released an urgent warning to businesses of all sizes, after a huge spike in the number of businesses falling victim to a targeting scam with one business tricked out of more than $300,000.

ACCC deputy chair, Deila Rickard has said, “This is a very sophisticated scam, which is why many businesses only realise they’ve been caught out once it’s too late.”

“It’s a scam that targets all kinds of businesses, including charities and local sporting clubs. There is a misconception these scams target just small business; however, the largest amount of reports and losses came from medium-sized businesses, including one that lost more than $300,000.”

Earlier this year, a Perth car dealership lost $65,000 to such a scam.

The ACCC is calling on businesses to urgently review how they pay accounts and verify invoices due to reports of business email compromises (BEC) scams having grown a third this year.

BEC scams occur when a hacker gains access to a business’s email accounts, or ‘spoof’ a business’s email so their emails appear to come from the company. The hacker then sends emails to customers claiming that the business’s banking details have changed and that future invoices should be paid to a new account. These emails look legitimate as they come from one of a business’s official email accounts. The scammers then await payments to start rolling in from those unsuspecting customers, with the business being misrepresented left with a shortfall of incoming payments.

It is critical when receiving a request to change a BSB and Account number, whether for an employee, or supplier or known associate, that you validate the request before processing.

Please ensure you have appropriate controls in place to correctly identify employees when a request is made to change salary account details.

Our top tips:

  1. Always verbally confirm BSB and Account number changes using a trusted phone number. Confirming a change via email is not secure.
  2.  Ensure you have internal processes in place to correctly identify your employees before making changes to their personal information.

Find out more

Source: ACCC – Hackers targeting businesses’ emails in sophisticated scam

27 Nov 2018

© Copyright - MTA Queensland

MTA Queensland acknowledges the traditional owners of the land on which we live and work- the Yugambeh and Yuggera people. We pay our respects to elders past, present and emerging. In the spirit of reconciliation, we will continue to work with traditional custodians to support the health and wellbeing of community.
Previous MTAQ Board Member named in the top 50 most influential people in 2... Thousands of Australians Back Faulty Airbag Class Action