JASON King almost became the victim of a $120,000 email scam before working out something wasn’t quite right.
Last year Australian businesses were swindled out of $3.8 million dollars by hackers and online scam artists. The considerable figure represents a 31 per cent increase from the previous year, despite awareness campaigns about the threat of online fraudsters.
Nearly 6000 Aussie businesses reported being targeted by scams in 2016 according to the Australian Competition and Consumer Commission’s Targeting Scams report released today.
Of those that fell victim, Aussie businesses lost an average of $10,000, the watchdog said.
Mr King works as an accountant for the Launceston Church Grammar School in Tasmania and very nearly became an unwitting victim of a simple yet rather clever email scam.
“We got an email that was supposedly from the chairman of the board asking us to process a payment to Hong Kong,” he told news.com.au.
It just so happened that the school sometimes makes payments to agents and other parties in Hong Kong and a few other Asian countries. So he wrote back asking for more details about who needed to be paid and how much.
When the response came back it all seemed in order except for one curious detail.
“When they replied they gave us all the information we needed, which was fine, but what stood out was the amount,” he said.
Normally the payments the school would make overseas would be around $2000 to $5000. “They were asking for $121,780. That’s when I went, ‘ooh hang on, that doesn’t sound right’,” Mr King recalled.
This variety of scam is fairly common. A vast majority of attacks (85 per cent) are initiated via email or over the phone, according to the ACCC.
Mr King said he considers himself IT literate but admits the email scam “had me going … it all seemed quite legit”.
Had it not been for the abnormally large figure, he said it’s quite possible he would have transferred the money.
He doesn’t know if the scammers somehow knew the school sometimes made payments to Hong Kong or if they just got lucky.
However one detail that he did notice — and can often be a dead giveaway in these sorts of cases — was a slight alteration in the email address that was used in the scam to impersonate the school’s chairman. Instead of ending in LCGS.tas.edu.au, the e-mail address ended in LSGC-tas-edu.net.
If you do receive a suspicious email it’s important to double check the address for such inconsistencies. However due to the fact that the school chairman had recently retired from his work, Mr King rationalised it by thinking he may have created a new email address due to the change.
The highest losses endured by Aussie businesses targeted by cyber criminals were due to computer hacking such as ransomware attacks, email scams and fake investment and buying and selling schemes.
“As recent events with the WannaCry ransomware scam demonstrates, businesses can be just as vulnerable to scams as anyone else in the community,” ACCC deputy chairman Michael Schaper said.
“Unfortunately ransomware scams like WannaCry targeting businesses are not uncommon — we’re seeing steep increases in scammers contacting businesses to swindle them out of their money with varying types of scams.
“Small businesses with fewer than 20 staff are in particular the most vulnerable and accounted for nearly 60 per cent of reported losses.”
ACCC TIPS FOR PROTECTING YOUR BUSINESS
• Always scrutinise new requests for any payment and have a clearly defined process for verifying and paying accounts and invoices.
• Regularly back-up your computer’s data on a separate hard drive so this can be easily reinstalled if your computer is infected by malware or ransomware.
• Ensure your computer has a firewall and up-to-date antivirus and anti-spyware software. Businesses can learn more about scams, including how they can be avoided, by visiting the Scamwatch website and signing up to Scamwatch radar alerts.
A voicemail obtained by the Manly Daily reveals what scammers ask for.