Employees exposed to growing threat of email frauds

AUSTRALIA: Email fraud – often called ‘phishing’ – has become a lucrative business for cybercriminals, and as a result, more and more nasty phishing emails are headed for our mailboxes. This means we all have to become more suspicious whenever we open an email. Employees in particular must learn to be extremely vigilant about checking emails that ask for payments.

Australian Police recently issued a warning about an email scam where users are requested to pay bitcoin to prevent the release of embarrassing footage. In this case, the scammers attempt to establish credibility by including one of the user’s actual passwords, sourced from previous data leaks published on the Internet.

The threats are not credible and no footage exists. The emails should be disregarded, Police said.

In Geelong, Australia, the members of an organisation which had a promotional list of these business members on its home page, received an email with the subject line: ‘Very important issues’. It appeared as if it was sent from the organisation, using its logo and regular newsletter font, asking them to click on a link to support the cause.

‘Friday afternoon fraud’
In February 2018, the Australian banks launched a New Payments Platform in Australia, which makes payments between banks almost instant. This new platform will become a magnet for fraud, said Steve Worthington, an adjunct professor at Swinburne University of Technology.

He described how Australians have recently become more vulnerable to a type of phishing fraud known as ‘Friday afternoon fraud’.

In the United Kingdom, Friday is the day that many property sales are due for settlement and funds are transferred from payer to payee. In the Friday afternoon fraud, the fraudsters hack into emails between solicitors and their home-buying clients and then on the day that the money is about to be moved, impersonate the solicitor and send the client an email saying that the bank account details have changed and the payments should be made to a different account, created by the fraudster.

The victim usually doesn’t know about it until the following week when they look for confirmation, and find they’ve sent the money to the wrong account.

Be very protective
Worthington published an article on The Conversation and ABC Opinion about this. He states that both consumers and businesses need to be on alert and be very protective about their bank and card details.

If you receive an email about a payment, use the phone to check that the demand is real, he suggests.

“I think it does come down to common sense,” said Leila Fourie, chief executive of the Australian Payments Network, the industry’s self-regulatory body, which will soon be launching an education program to help consumers and businesses protect their card details and online identities.

Credit card fraud cost $534 million in 2016, up from about $469 million in 2015. For every $1,000 spent online, 74.7 cents was lost to fraud, according to the Australian Payments Network.

→ ABC – 5 September 2018:
The new payments system is a magnet for fraud. Here’s how to prepare