Rss

Archives for : May2017

Phishing scam targets National Australia Bank customers with fake website

Phishing scam targets NAB customers with fake website

NAB online banking customers are the latest target of an email scam that tells victims their account has been disabled before prompting them to enter their password into a fake website.

The email sent to NAB customers tells recipients their bank account has been disabled and prompts them to click a link to reactivate their account.

the-nab-scam-email-sent-by-scammers-image-www-scamsfakes-com

The email sent by scammers. Photo: Mailguard

The link takes the recipient to a very realistic, but fake, copy of NAB’s banking website, which is designed to harvest the victim’s account ID and password.

NAB said late on Thursday night that the fake website had been removed.

a-screen-shot-of-the-fake-website-through-which-scammers-try-to-obtain-online-banking-details-image-www-scamsfakes-com

A screen shot of the fake website through which scammers try to obtain online banking details. Photo: Mailguard

A NAB spokeswoman said the bank had issued a take-down notice to have the fake website removed after it became aware of the scam.

“We remind customers, NAB will never ask you to confirm, update or disclose personal or banking information via email or text,” she said.

The email comes with the subject line ‘Notification’ and is sent from discharge.authority@nab.com.au.

MailGuard CEO, Craig McDonald, said the company had blocked the distribution of thousands of copies of the email on Thursday afternoon.

“A phishing scam is a fraudulent attempt to steal your information or identity for financial gain. In this case, the perpetrators want victim’s banking details,” he said.

“Creating a fake website allows them to collect peoples’ account number and passwords without arousing suspicion.

“That valuable information is collected and used to make future unauthorised transactions.”

Many NAB customers have taken to Twitter this week to ask the bank whether the email was a scam.

NAB has listed the scam on its website, and advised customers to forward the email to spoof@nab.com.au and then delete it.

Victims are urged to contact their local NAB branch, or call 13 22 65 immediately.

xhx

Henry Sapiecha

Australians targeted by Amazon spam scam

Australians have been targeted by scammers purporting to be the retail giant Amazon and promising them $500 Amazon vouchers.

The scammers used Amazon’s well-publicised expansion into Australia as a hook.

amazon-shipping-box-image-www-scamsfakes-com

People at the weekend received a legitimate-looking email offering $500 Amazon vouchers to those who clicked on a link and provided feedback on the company.

The email’s subject line was, “Amazon Card for you. Confirm before it expires.” The email featured the Amazon logo, and a cartoon of a man holding a clipboard in front of a bus, with an arrow and the words ‘Confirm my voucher’ running across the picture.

the-emails-subject-line-was-amazon-card-for-you-confirm-before-it-expires-image-www-scamsfakes-com

The email says the “expansion of Amazon into Australia is fast approaching. We will soon begin operating brick and mortar distribution and retail centers [sic] in all states across Australia.”

It continues, “Of course, Aussie consumers are no strangers to Amazon. In the past few years we have built strong relationship with you and we are here to say thank you!

“In order to express our gratitude towards Aussie consumers, we are coming to you with a $500 Amazon Voucher.

“We have 80 Vouchers to give away this weekend. All you need to do is: Confirm receiving this email by clicking here. Give us your opinion about Amazon

“That’s simple, right?

“Thank you and Good luck!”

The email was signed off by “Your Prime Team,” referring to Amazon Prime, Amazon’s membership offer which provides fast shipping to members.

a-screenshot-of-the-scam-amazon-email-sent-to-australians-image-www-scamsfakes-com

While the email stated it had been sent to people who had “subscribed to offer emails”, recipients included people who had never ordered anything from Amazon or signed up for a membership.

Delia Rickard, deputy chairman of the Australian Competition and Consumer Commission, said seven people had reported the “genuine-looking” scam to the watchdog – and none had clicked on the link.

“One of the things that scammers are good at is piggy-backing on a topical event,” she said.

She said it was unclear whether the scam was motivated to spread malware, or to trick people into giving out private information that could be used for identity theft or onsold to other scammers.

The watchdog advises people to verify whether an offer is legitimate by “checking if it is listed on the retailers’ official website or by calling the retailers’ official customer service line.”

Amazon’s public relations firm Weber Shandwick declined to comment.

Amazon’s Australian plans

After Fairfax Media broke the news of Amazon’s Australian expansion plans in 2016, Amazon confirmed its plans in April and promised thousands of new jobs, millions in additional investment, and to “empower small Australian businesses through Amazon Marketplace”.

While Amazon is known for its online marketplace, it has been investing in bricks and mortar stores too.

As at last month, it had six bookstores (soon to be 12), pop-up stores, college pick-up points, and a convenience store without checkouts that is being tested in Seattle. Its finance chief last month described bricks and mortar physical stores as “another way to reach the customer”.

International sales accounted for 32 per cent of Amazon’s sales for the three months to 31 March. International sales were up 16 per cent year-on-year but continued to be unprofitable.

Amazon has been pouring big money into international expansion, particular in India. Its capital expenditure surged 51 per cent year-on-year, primarily due to investment in fulfilment centres, or large warehouses.

Amazon operates its online grocery delivery service Amazon Fresh in 21 cities in the US as well as London and Tokyo, which opened last month.

jgtlbkui

Henry Sapiecha

Losses from reported Australian hacking victims quadrupled in 2016: ACCC

skull-crossbones-numbers-red-image-www-scamsfakes-com

The Australian Competition and Consumer Commission (ACCC) has reported a four-fold increase in hacking scams, with AU$2.9 million lost to such activity in 2016, up from AU$700,000 in 2015.

According to Targeting scams: Report of the ACCC on scams activity 2016, businesses bore the brunt of these scams, with over half — AU$1.7 million — being attributed to businesses.

“While the digital economy presents many opportunities and efficiencies for businesses, it also presents significant risks,” ACCC deputy chair Delia Rickard says in the report’s foreword.

“Scams targeting businesses are becoming increasingly sophisticated using modern technology to make fake emails, invoices and websites appear legitimate to even the astute business person.”

While the digital age is hitting businesses in Australia, the report [PDF] highlights that consumers are also being affected by scammers, with digitisation providing the opportunity for scammers to try new tricks.

Online scams — those executed via the internet, email, social networks, and mobile apps — outnumbered phone-based scams in 2016, with an increase of 130 percent over 2015.

Elsewhere in the report, losses to online scams accounted for 58 percent — AU$48.4 million — of total losses, while social media was a particularly busy platform used by scammers to lure victims, netting losses of AU$9.5 million in 2016 compared with AU$3.8 million in 2015.

Of the social media scams, the most prevalent were related to online dating and sextortion, a form of blackmail in which compromising images of the victim are used to extort money.

Residents warned as scammers rip off $60k in telephone scam

Police are warning people to be aware of a sophisticated telephone scam.

scam-signs-multiples-image-www-scamfakes-com

QUEENSLAND AUSTRALIA SUNSHINE Coast residents have been warned about a sophisticated scam which has been resurrected to great effect, ripping victims off to the tune of tens of thousands of dollars.

Police are warning people to be wary of the scam, which involves a call to a home phone from a telecommunications provider.

The demanding caller tells the residents their computer has been hacked and insists they press specific keys on the keyboard (windows key and the letter ‘r’).

A second person then comes on the line and tells the resident they need money to catch the scammer and asks for a credit card number and PIN, before ringing on the mobile phone and asks to stay on the line.

The victim is then told to withdraw money from the bank and then asked to attend certain retail shops and buy gift cards.

Still on the line, the scammer tells the victim to display the PIN and gift card details to the computer camera, which has been taken over by scammers.

This goes on for several days and can include a number of requests for purchases to be made, including plane tickets.

Acting Detective Superintendent Terry Lawrence of the Financial and Cyber Crimes Group said one victim had lost $20,000 through the scam.

“The actions of these criminals targeting the vulnerable members of our community is deplorable, they don’t care who they hurt, they just want your money,” he said.

“This scam is very specific however I urgently warn all members to be vigilant when it comes to unsolicited calls and a request or demand to make payment by gift cards of any type.

“Businesses and government organisations will not seek payment in this way, nor will they request remote access to your computer. The callers are criminals who are stealing your money. Please, I urge you to not comply and hang up immediately. Report the call to Scamwatch or ACORN.”

Coast IT guru and owner of ID Care, Dr David Lacey, said they’d seen a spike in both telephone and remote-access scams in the past few months.

He said his company was doing about 200 engagements a week with victims of cyber crime and about one-third were calls from victims of telephone scams.

Dr Lacey said scammers were often using telephone calls to gain remote access to computers, then installing ransomware to further extort their victims.

“It’s certainly ratcheting up,” Dr Lacey said.

He estimated about a million calls a month were being made to victims in Australia.

Victims that had contacted him were suffering significant financial losses, with one victim even having up to $60,000 withdrawn from their superannuation account by scammers.

He said victims often blamed themselves, but added it had nothing to do with intelligence, as the scammers were highly manipulative.

“It’s not just about the technology, it’s mostly about the emotional and confidence (damage caused by scammers),” Dr Lacey said.

Victims can report scams to www.scamwatch.gov.au or www.acorn.gov.au

jfg7ouig6

www.crimefiles.net

www.intelagencies.com

6rf7i6f5iu7

Henry Sapiecha

Business scams top $3.8 million: ACCC

Jason King wasn’t surprised to get an email from the chairman of Launceston Church Grammar School’s board asking him to process a payment to Hong Kong that day.

The school sometimes has cause to make payments to Hong Kong for the school’s accountant, so there was no immediate concern.

michael-schaper-deputy-chairman-of-the-accc-says-small-businesses-are-a-far-more-attractive-target-for-scammers-than-the-general-public-image-www-scamsfakes-com

“It had [the chairman’s] name and an email address that looked reasonable,” Mr King says. “They were asking for a payment of $121,780. That was the red flag as we don’t ever pay that much to Hong Kong.”

Mr King called the chairman who knew nothing at all about the payment and hadn’t sent the email.

launceston-church-grammar-school-was-almost-scammed-image-www-scamsfakes-com

Scams on the rise

It was a close call for the school and data released by the Australian Competition and Consumer Commission on Friday shows scams suffered by businesses are on the rise.

Nearly 6000 businesses reported being targeted by scams in 2016, according to the watchdog’s Targeting Scams report. Losses totalled about $3.8 million, an increase of almost 31 per cent.

The highest losses were to computer hacking, fake investment schemes and buying and selling scams, according to reports to Scamwatch over the past year.

Small businesses with fewer than 20 staff are in particular the most vulnerable and accounted for nearly 60 per cent of reported losses.

Lack of reporting

ACCC deputy chairman Michael Schaper says the $3.8 million in reported scams is “really the tip of the iceberg”.

“We already know it’s a well established phenomenon that most of the people who contact Scamwatch haven’t actually lost money, only 10 per cent have,” he says. “We know that small businesses are much more reluctant to report losses. There are two reasons, one is the time and energy and the second one is that a lot of small business think that if they report a scam their insurance premiums are going to be threatened.”

Mr Schaper says while small businesses are less likely than the general public to report a scam, small businesses are also a far more attractive target than the general public.

“It’s easier to find them; those [businesses] trading online have a website presence and you can work out who to target,” he says. “Secondly, we know small businesses don’t have good record keeping systems in many cases and their software is often very basic so they are ripe pickings.”

We know small businesses don’t have good record keeping systems in many cases and their software is often very basic so they are ripe pickings.

Michael Schaper

Mr Schaper says recent events with the WannaCry ransomware scam show businesses can be just as vulnerable to scams as anyone else in the community.

There are “steep increases” in scammers contacting businesses, according to the ACCC.

What to look out for

The top three scams identified by Scamwatch against businesses are:

  1. Ransomware. These scams trick a victim into downloading a virus that infects computer systems and prevents user access until payment is made to unlock it. In 2016, reports indicate that there was an increase in ransomware emails to businesses, purportedly from legitimate companies such as Australia Post or a utility provider.
  2. Business email compromise scams. These are a form of hacking scam that operate by the scammer obtaining access to a business’ email address. The scammer will then send an email (purportedly from senior management) to the business’ suppliers advising of new payment arrangements and requesting a wire transfer to the new account.
  3. Investment scams. These scams are promoted as business opportunities (for example sports investment or stock broker scams, superannuation schemes or managed funds) and promise inflated returns but are, in reality, nothing more than a method used to drain a business of its funds.

Mr Schaper says 85 per cent of scammers make contact with businesses via email or phone so it is important to be wary. He says small businesses can help protect themselves by backing up data.

“Backing up your data and keeping it offline or backing it up to the cloud is the single most important thing you can do to protect yourself from that threat,” he says. “If you pay a false bill by and large it won’t be the death knell of your business but if you lose all the information about your clients you could lose your business overnight.”

www.intelagencies.com

www.crimefiles.net

jfg7ouig6

Henry Sapiecha

Fake Chinese-marked money used in Australian scam

roughly-translated-the-words-say-training-money-sample-only-for-practice-circulation-image-www-scamsfakes-comforbidden

Fake Australian bank notes bearing Chinese characters are being used in a scam in Darwin, according to police.

Several pubs have been given imitation $A100 (£57; $74) currency since Sunday, Northern Territory Police said.

The notes, designed to train bank tellers in China, can be bought cheaply online.

Police said six of seven known scams had been carried out by the same man and woman, usually to buy cigarettes, alcohol and to receive change.

The Chinese words roughly translate to: “Training Money. Sample. Only for practice. Circulation forbidden.”

The pair collects change from the transaction before quickly leaving the scene,” said Acting Senior Sergeant Glenn Leafe.

Police said the deception was foiled at one venue on Monday night.

“Upon examining the note, staff challenged the pair who fled the store,” Sgt Leafe said.

Police have urged locals to check currency as a search for the perpetrators continues.

xhx

www.money-au.com

Henry Sapiecha

The “can you hear me?” phone scam

woman-with-mobile-phone-to-ear-image-www-scamsfakes-com

Like every one else – I read the news.  The “can you hear me?” phone scam has reportedly been prolific in the United States and the United Kingdom since very early in 2017.

Weeks ago I was interested to read that the phone scam had hit Australia’s shores.

I just had lunch with one of the Mackay police station’s Volunteer in Policing who received a “Can you hear me?” phone call at their home number on Monday April 24!!

What do you need to know? Victims receive an unsolicited phone call (business or home number) … after you answer, the scammer will simply say “Can you hear me?” several times.  Most people say “yes”.

The scammer then ends the call. It is believed that the scammer is recording your “yes” response and that this recording is being used to authorise payments or charges – in your name!!! Good luck disputing or contesting the payment or charge after the event with a recording of your “yes” on file authorising it 🙁

If the scammer already has your mobile phone number and some sensitive identification information of yours… you may have some serious and legitimate reasons to be concerned!

We’re now sharing this post statewide as we believe it to be hitting many areas.

Our advice to combat this phone scam :

  • Spread the word – Share this information
  • If you receive a “can you hear me?” phone call – hang up – don’t respond!
  • If you did respond with a “yes” … alert your financial institution, begin to monitor your accounts closely .. and contact ID CARE

j75fgio

Henry Sapiecha