Rss

Archives for : FAKE INVOICES

Losses from reported Australian hacking victims quadrupled in 2016: ACCC

skull-crossbones-numbers-red-image-www-scamsfakes-com

The Australian Competition and Consumer Commission (ACCC) has reported a four-fold increase in hacking scams, with AU$2.9 million lost to such activity in 2016, up from AU$700,000 in 2015.

According to Targeting scams: Report of the ACCC on scams activity 2016, businesses bore the brunt of these scams, with over half — AU$1.7 million — being attributed to businesses.

“While the digital economy presents many opportunities and efficiencies for businesses, it also presents significant risks,” ACCC deputy chair Delia Rickard says in the report’s foreword.

“Scams targeting businesses are becoming increasingly sophisticated using modern technology to make fake emails, invoices and websites appear legitimate to even the astute business person.”

While the digital age is hitting businesses in Australia, the report [PDF] highlights that consumers are also being affected by scammers, with digitisation providing the opportunity for scammers to try new tricks.

Online scams — those executed via the internet, email, social networks, and mobile apps — outnumbered phone-based scams in 2016, with an increase of 130 percent over 2015.

Elsewhere in the report, losses to online scams accounted for 58 percent — AU$48.4 million — of total losses, while social media was a particularly busy platform used by scammers to lure victims, netting losses of AU$9.5 million in 2016 compared with AU$3.8 million in 2015.

Of the social media scams, the most prevalent were related to online dating and sextortion, a form of blackmail in which compromising images of the victim are used to extort money.

Protect your small business from invoice email scams

fake-agl-invoice-containing-a-link-to-a-virus-image-www-scamsfakes-com

16 August 2016

Scam watchers ask that businesses be beware of an invoice email scam seeking payment re-direction.

The scam involves scammers pretending to be legitimate suppliers advising changes to payment arrangements. It may not be detected until the business is alerted by complaints from suppliers that payments were not received.

How these scams work

  • Scammers hack into vendor and/or supplier email accounts and obtain information such as customer lists, bank details and previous invoices.
  • Your business receives an email, supposedly from a vendor, requesting a wire transfer to a new or different bank account.
  • The scammers either disguise their email address or create a new address that looks nearly identical. The emails may be spoofed by adding, removing, or subtly changing characters in the email address which makes it difficult to identify the scammer’s email from a legitimate address.
  • The email may look to be from a genuine supplier and often copy a business’s logo and message format. It may also contain links to websites that are convincing fakes of the real company’s homepage or links to the real homepage itself.
  • The scam email requests a change to usual billing arrangements and asks you to transfer money to a different account, usually by wire transfer.
  • The scam may not be detected until the business is alerted by complaints from legitimate suppliers that they have not received payment.

Protect yourself

  • Make yours a ‘fraud-free’ business – effective management procedures can go a long way towards preventing scams. Have a clearly defined process for verifying and paying accounts and invoices.
  • Consider a multi-person approval process for transactions over a certain dollar threshold.
  • Ensure your staff are aware of this scam and understand how it works so they can identify it, avoid it and report it.
  • Double check email addresses – scammers can create a new account which is very close to the real one; if you look closely you can usually spot the fake.
  • Don’t seek verification via email – you may be simply responding to the scammer’s email or scammers may have the capacity to intercept the email.
  • If you think a request is suspicious, telephone the business to seek verification of the email’s authenticity.
  • Don’t call any telephone number listed in the email; instead, use contact details that you already have on file for the business, or that you have sourced independently – for example, from a telephone directory.
  • Don’t pay, give out or clarify any information about your business until you have looked into the matter further.
  • Check your IT systems for viruses or malware – always keep your computer security up-to-date with anti-virus and anti-spyware software and a good firewall.

iyunil

Henry Sapiecha

Telstra clients scammed with fake refund email

shady-hacker-on-keyboard image www.scamsfakes.com

More than just chasing your credit card details, scammers are looking to steal the identity of Telstra customers.

Saying to you that you’ve paid your bill twice, scammers are tricking Telstra customers into handing over their credit card details.

These days most of us are savvy enough not to fall for promises that look too good to be true, whether it’s a win in the British Lottery or an inheritance from a long-lost uncle in deepest, darkest Peru.

Scammers have moved with the times and their new promises are a lot more boring and realistic, such as a small tax refund, unexpected parcel delivery or billing error in your favour

fake letter emailed toTelstra customers image www.scamsfakes.com

A copy of the fake letter emailed toTelstra customers. Photo: MailGuard

The latest wave of convincing-looking scam emails, identified by MailGuard, claim you’ve somehow paid your Telstra bill twice so you’re entitled to a refund. Rather than take a shotgun approach the scammers have only sent it to Telstra customers – more than 20,000 of them – who probably won’t find it too hard to believe that the telco has managed to stuff up their bill.

This isn’t a cryptolocker attack like many fake emails that have probably arrived in your inbox lately – there isn’t an infected malware attachment or dodgy link designed to encrypt all your documents and demand a ransom. Instead the official-looking letter, supposedly signed by Telstra executive Gerd Schenkel, points you to Telstra’s My Account online portal where you can log into your Telstra account and claim your refund.

Of course the link doesn’t send you to Telstra’s real My Account page, just a very convincing-looking forgery as part of a “phishing” attack hoping to trick you into handing over sensitive information. Along with your Telstra login and password you’re asked to provide all your credit card and billing address details along with your date of birth.

Not only can scammers use these details to go on a shopping spree with your credit card, it’s also enough information for them to pretend to be you and start racking up other debts in your name.

The best defence against these attacks is a healthy sense of paranoia. Often they’ll be riddled with grammatical errors, come from a suspicious-looking email address or rely on a suspicious-looking website name. This latest Telstra attack does look very convincing, but if nothing else the fact that it asks for so much information should ring alarm bells.

Always assume that any unexpected email you received from a service provider is a fake. Never open attachments, click on links in the email or trust the supplied phone number. If in doubt, contact the provider directly to clarify.

If you’ve been caught by this scam the best thing to do is notify Telstra, change your My Account password and notify your bank so it can cancel your credit card.

Have you been caught out by these kinds of scams? How do you spot the fakes?

Tell us your story HERE

SDR

www.intelagencies.com

Henry Sapiecha

Thousands targeted by ‘ransomware’ email scam which copies AGL Energy Bills

A destructive scam email that infects computers and holds them hostage has successfully targeted at least 10,000 Australians since it was detected this week, a cybersecurity analyst says.

The email, purporting to be from energy company AGL, sends a fake bill and prompts the recipient to click on a link to download a copy.

agl energy fake web page image www.scamsfakes.com

The fake AGL webpage that prompts users to download malware. 

It then saves a .zip file on the computer which, when extracted, locks the machine down using malware known as “ransomware”. The recipient is prompted to pay $US640 ($A880) to unlock it.

Raymond Schippers ​, a senior analyst at global cybersecurity firm Check Point, said once the file has downloaded ransomware such as Torrentlocker or Cryptolocker – sometimes spelled with 0 in place of o – the only way to get rid of it is to restore from a backup or to wipe the computer and start over again.

fake AGL invoice, containing a link to a virus image www.scamsfakes.com

A fake AGL invoice, containing a link to a virus, which is being sent to Australians. 

The fake AGL email has successfully infiltrated companies across Australia. It aims to get users to install the file at their work, where it could then cause widespread damage by gaining access to legitimate corporate emails which could be used to send the scam on.

“It’s across pretty much all kinds of sectors, from other utilities to education to finance, mining and resources, so it’s widespread throughout Australia,” said Mr Schippers, who has worked in online security for 10 years.

He said an analysis of the malware website by Check Point found at least 10,000 people had actually gone to the end of the download process, and were “very likely to have been infected”, while “many more” could have been affected.

The website used URLs such as “checkyourbills.com” or “electricitybill.com” and would look legitimate to “most users”, he said.

ransom screen seen by those who download the infected .zip file image www.scamafakes.com

However, there were several things that could tip off AGL customers that the email is fake.

When a recipient attempts to open it on their phone or on a Mac computer, it gives an error message and says to use a Windows computer, and the .zip file type is also suspicious.

“Realistically, if you open it on your iPhone and it says ‘this doesn’t work on an iPhone’, it probably isn’t a real website,” Mr Schippers said. “All the websites from all Australian utilities work on phones these days.

“The .zip file is another indication that it’s not usually a bill either. They usually don’t send bills as .zip files, they’ll send them as .pdf or something similar.”

Energy company AGL has acknowledged the scam, which it says “contains malicious malware that has potential to access personal information”.

In a statement, AGL said it had reported the scam to the Australian Federal Police, the government’s Scamwatch website, and to the Australian Competition and Consumer Commission.

The company said any customers who think they have received the email should delete it immediately, run antivirus software and add the sender to their junk email list.

“The scam email presents as an e-Account and asks readers to click on a link,” the statement said. “AGL advises it will never send an email asking for personal banking or financial details.

“Anyone receiving a suspicious email should delete it immediately or, if opened, not click on any links within the email. Anyone with concerns relating to this scam email should call AGL on 131 245 or contact Scamwatch on 1300 795 995.”

Even if the ransom is paid the malware will continue to monitor the computer, Mr Schippers said, recording keystrokes and mouse movements.

He said Australians accounted for 25 per cent of victims of malicious email attacks around the world, because “quite a number” of people continue to click on them and may have the cash to pay up.

“Australia seems to be very vulnerable to these kind of attacks,” Mr Schippers said. “It just relies on peoples’ nature to want to click on things and open things, so I would really just implore people to take a second to think about it before clicking on it.”

********

What to do if you’re infected:

  • check if your computer has any back-ups
  • consult with an IT professional and seek advice on what can be recovered
  • restore computer from back-ups or wipe it back to factory settings

f4y

Henry Sapiecha