fbpx

Posts in Staysmartonline

Can you spot a scam?

August 17th, 2020 Posted by Internet Safety, Payments, Staysmartonline, Uncategorized 0 thoughts on “Can you spot a scam?”

Welcome to the National Scams Awareness Week 2020! 

(Australia and New Zealand)

Gobbill has been a strong supporter in protecting people from against fraud and scams since 2015. We are proud to be a campaign partner for this year’s National Scams Awareness Week. 

Throughout this week, we will be raising awareness of scams and frauds. We will focus on Phishing and Email Compromise. These are two areas of scams that Gobbill has extensive experience in confronting.  

To kick off the week, we have posted a quiz titled Can you spot a scam?’ on our Instagram page.

If you are here to read the explanations, please keep reading.

If you have not done the quiz, hop off this page and come back to this page for the explanations. 

  1. Optus – This is a real email bill from Optus. Optus does send from cloudmails.net and they do personalised the email to the account holder.   
  2. ANZ –This is a Scam. The sender anzhost.org is fake and the email is not personalised. 
  3. DocuSign – This is a Scam. An email from DocuSign will have the sender’s email and details above the general text. Tricky one!   
  4. Xero – This is a real email and invoice. The email is from the correct sender and the email is correctly personalised to the recipient.  As a scammer, this would be one of the easiest to use; to change the link or attachment and have something quite malicious for the victim.

How did you go? Scam emails or texts can look extremely authentic and convincing through replicating legitimate messages from trusted senders. 

These scams often feature official looking logos and emails and a ‘call to action’ to open a malicious link or share personal information. That’s why Gobbill has developed automated checks of domains, links and much more over the last 5 years. Gobbill fetches and/or opens attachments safely so you don’t have to.  

We do this for all Australian billers including telcos, councils, utilities and many more. 

We process payments to over 40,000 billers with over 1m+ Australians already having access to Gobbill’s payment platform.

For more information, contact us at: https://gobbill.com/contact/ 

Tax time: Don’t fall for myGov related SMS and email scams says Australian Cyber Security Centre.

July 17th, 2020 Posted by Alerts, Internet Safety, Staysmartonline, Take Five to Stop Fraud 0 thoughts on “Tax time: Don’t fall for myGov related SMS and email scams says Australian Cyber Security Centre.”

The Australia taxation office has received reports that myGov related SMS and email scams are targeting Australians. The increased SMS and email scams coincide with tax time where millions of Australians are accessing and engaging with myGov services. 

What do the scams look like?  

These myGov related scams looks as if they have been sent from a myGov or ATO email address. Scammers utilise technology that allows emails to be sent in a similar way to conversation threads sent by myGov or ATO messaging.  

The call to action in the email is to click a link that asks for your personal details for ‘verification purposes.’ The official advice from ATO is ‘DON’T click any links’ and ‘DON’T provide the information requested.’ 

scam message

Example of a scam message from the Australia Cyber Security Centre. Source: https://www.cyber.gov.au/acsc/view-all-content/alerts/increasing-reports-mygov-related-sms-and-email-scams-targeting-australians 

How to protect yourself from myGov related scam: 

If a scam email or SMS is delivered to you, do not open the links or provide any personal details or information requested. 

Remember:

  • ATO will never send a message asking you to access their services via a URL.  
  • Sign in anytime to your myGov accounts to check updates on tax affairs 
  • For extra protection on your myGov account, enable two-factor authentication (2FA). This can be accessed by signing into your myGov account and turning the feature on in ‘Account settings’ 
  • If you see a suspicious myGov email or SMS with a URL, email: reportascam@servicesaustralia.gov.au
  • If you have clicked a link on a myGov email or SMS and entered your details, contact: Services Australia on 1800 941 126. 

For more information visit: https://www.cyber.gov.au/

Invoice Fraud – Is your business Protected? What is it worth to you?

April 7th, 2020 Posted by Featured, Internet Safety, Payments, Staysmartonline 0 thoughts on “Invoice Fraud – Is your business Protected? What is it worth to you?”
07/04/2020
Police Arrests following Invoice Fraud
NSW Police last week arrested and charged two men over their alleged involvement in a $2.6 million Business Email Compromise (BEC) scam syndicate. The scam involved sending altered invoices to businesses who unknowingly paid the scammers into their accounts.

One of the men is believed by police to be the leader of the syndicate and faces charges related to directing a criminal group. Police allege he gained more than $1.6 million, and unsuccessfully tried to gain nearly another $1 million through email scams from mid-2018 until early this year.

Commander of the NSW Cybercrime Squad, Matthew Craft, said cybercrime presents “a unique challenge for law enforcement”.
“These arrests are a timely reminder for all individuals and businesses to have strong cyber security measures in place for protection,” Craft said.

“During this investigation, officers uncovered a criminal network targeting hard-working Australian businesses through a series of sophisticated email scams,” Det Supt Craft said.
Police charged three other people last year in relation to the same investigation.

Business email compromise scams
Business email compromise (BEC) scams – where finance staff are deceived into paying fake invoices –are becoming increasingly common.

In 2018 alone, it was estimated that Australian businesses lost more than $60 million from this type of scam.

An ice rink in Sydney’s South West fell victim to a BEC scam earlier this year after receiving changed payment details for a new ice resurfacer it was purchasing, transferring $77,000 into an unknown Hungarian bank account.

Currently, the COVID-19 outbreak is creating a new set of challenges for businesses trying to shore up their cyber defences. There has been a rise in the number of coronavirus-related scams in recent weeks. With many Australian businesses trying to operate remotely to help encourage social distancing, networks could be more vulnerable as they are spread away from centralised IT systems.

How can you protect your business?
The Australian Cyber Security Centre has a list of strategies to mitigate the effects of cyber-attacks during the COVID-19, but one of the simplest steps business owners or accountants/bookkeepers can take to reduce their risk is to implement Gobbill as their accounts payable solution.

Gobbill is a simple, affordable bill payment automation and fraud protection tool that protects users from scams like Business Email Compromise. Our unique Know Your Biller process checks every document before it is scheduled to be paid, and intervenes to stop payment of any bills which are suspicious or have been tampered with.

Plans start from $25 per month, with a free 1 month trial on our small business plan.

To arrange a demo contact erica@gobbill.com.au or call 0444 599 715.

Source Articles: https://ia.acs.org.au/article/2020/police-arrest-men-over–2-6m-email-scam.html
https://www.infosecurity-magazine.com/news/australians-arrested-over-26m/

Alert Priority HIGH: Widespread reports of COVID-19 malicious scams being sent to Australians

March 27th, 2020 Posted by Alerts, Featured, Staysmartonline 0 thoughts on “Alert Priority HIGH: Widespread reports of COVID-19 malicious scams being sent to Australians”
27 March 2020

What’s happened?
The Australian Cyber Security Centre (ACSC) is aware of a significant increase in Australians being targeted with COVID-19 related scams and phishing emails. 
 
In the last three months, the ACSC and the Australian Competition and the Consumer Commission’s (ACCC) Scamwatch has received over 140 reports from individuals and businesses across Australia. 
 
These phishing emails are often sophisticated, preying on people’s desire for information and imitating trusted and well-known organisations or government agencies. 
 
Clicking on these malicious links or visiting fake websites may automatically install computer viruses or malware and ransomware onto your device, giving cyber criminals the ability to steal your financial and personal information.
 
These scams are likely to increase over the coming weeks and months and the ACSC strongly encourages organisations and individuals to remain alert. 
 
Here are some examples of what to look out for now:
Example 1: SMS phishing scam messages offering where to get tested for COVID-19 or how to protect yourself In these examples, the SMS appears to come from ‘GOV’ or ‘GMAIL’, with a malicious link to find out where to get tested in your local area. 
 
Scamwatch and the ACSC is also aware of a SMS scam using the sender identification of ‘myGov.’ These scam messages are appearing in the same conversation threads as previous official SMS messages you may have received from myGov. 
Example 2: COVID-19 phishing email impersonating Australia Post to steal personal information
Under the pretence of providing advice about travelling to countries with confirmed cases of COVID-19, this phishing email aims to trick you into visiting a website that will steal your personal and financial information. 
Once they have your personal information, the scammers can open bank accounts or credit cards in your name, often using these stolen funds to purchase luxury items or transfer the money into untraceable crypto-currencies such as bitcoin.
  Example 3: Phishing emails pretending to be an international health sector organisation
This is an example of one COVID-19 themed phishing email where the sender is pretending to be a well-known international health organisation. The email prompts you to click on the web link to access information about new cases of the virus in your local area, or to open an attachment for advice on safety measures to prevent the spread.
 
Example 4: Phishing emails containing malicious attachments In this example, the phishing email is pretending to be from the World Health Organization and prompts you to open an attachment for advice on safety measures to prevent the spread of COVID-19. When opened, the attached file contains malicious software that automatically downloads onto your device, providing the scammer with ongoing access to your device. 
Example 5: COVID-19 relief payment scam Scammers are also sending phishing emails targeting an increasing number of Australians that are seeking to work from home, wanting to help with relief efforts or requiring financial assistance if they find themselves out of work. In this example, the email offers recipients $2,500 in ‘COVID-19 assistance’ payments if they complete an attached application form. Opening the attachment may download malicious software onto your device. How do I stay safe?The ACSC has produced a detailed report, including practical cyber security advice that organisations and individuals can follow to reduce the risk of harm.
 
You can read the report and protect yourself by following these simple steps:Read the message carefully, and look for anything that isn’t quite right, such as tracking numbers, names, attachment names, sender, message subject and hyperlinks.If unsure, call the organisation on their official number, as it appears on their website and double check the details or confirm that the request is legitimate. Do not contact the phone number or email address contained in the message, as this most likely belongs to the scammer.Use sources such as the organisation’s mobile phone app, web site or social media page to verify the message. Often large organisations, like Australia Post, will have scam alert pages on their websites, with details of current known scams using their branding, to watch out for.If you’ve received one of these messages and you’ve clicked on the link, or you’re concerned your personal details have been compromised, contact your financial institution immediately.
 More informationIf you’ve suffered financial loss from cybercrime, report it to ReportCyber at www.cyber.gov.au/report.  
 
Visit cyber.gov.au for advice to help businesses stay secure from cyber threats, whilst managing a remote workforce. 
 
To stay up to date on the latest online threats and how to respond, sign up to the Stay Smart Online Alert Service, www.staysmartonline.gov.au/alert-service.
 
More advice and support is available on our Get help page.
 
For information on the COVID-19 pandemic, visit https://www.health.gov.au    The information provided here is of a general nature. Everyone’s circumstances are different. If you require specific advice you should contact your local technical support provider. Feedback
Thank you to those subscribers who have provided feedback to our Alerts and Newsletters. We are very interested in your feedback and where possible take on board your suggestions or requests.    
 
Disclaimer
This information has been prepared by the ACSC. It was accurate and up to date at the time of publishing.
This information is general information only and is intended for use by private individuals and small to medium sized businesses. If you are concerned about a specific cyber security issue you should seek professional advice.
The Commonwealth and all other persons associated with this advisory accept no liability for any damage, loss or expense incurred as a result of the provision of this information, whether by way of negligence or otherwise.
Nothing in this information (including the listing of a person or organisation or links to other web sites) should be taken as an endorsement of a particular product or service.
Please note that third party views or recommendations included in this information do not reflect the views of the Commonwealth, or indicate its commitment to a particular course of action. The Commonwealth also cannot verify the accuracy of any third party material included in this information.

More details: https://www.staysmartonline.gov.au/alert-service/widespread-reports-covid-19-malicious-scams-being-sent-australians
CONTACT US
Facebook: www.facebook.com/staysmartonline
Email: staysmart.online@defence.gov.au
Web: www.staysmartonline.gov.au
You are receiving this message at the address shendon@gobbill.com.au.
If you no longer wish to receive this information, you can unsubscribe. © 2020 Australian Government.All rights reserved.

ACCC Scamwatch received 5000 reports of fake billing scams in the last 12months. Scammers impersonating energy and telecommunications companies via email.

April 24th, 2018 Posted by Alerts, Internet Safety, Staysmartonline 0 thoughts on “ACCC Scamwatch received 5000 reports of fake billing scams in the last 12months. Scammers impersonating energy and telecommunications companies via email.”

Beware of scammers impersonating energy and telecommunications companies

Source: ACCC Swamwatch 24 April 2018

The ACCC is warning consumers to beware of scammers impersonating energy and telecommunications providers and demanding payments.

Scamwatch has received 5000 reports of fake billing scams in the last 12 months, with reported losses of close to $8000.

“The scammers typically impersonate well known companies such as Origin, AGL, Telstra and Optus via email, to fool people into assuming the bills are real,” ACCC Deputy Chair Delia Rickard said.

“They send bulk emails or letters which include a logo and design features closely copied from the genuine provider. The bill states the account is overdue and if not paid immediately the customer will incur late charges or be disconnected.”

“Alternatively, the bill may claim that the customer has overpaid and is owed a refund or it may simply say the bill is due and ready to pay,” Ms Rickard said.

New South Wales residents reported the highest number of incidents of the fake billing scam, with 1779 households reporting being victims, compared to 1275 in Queensland and 1245 in Victoria, 485 in Western Australia, 462 in South Australia, 132 in the ACT, 117 in Tasmania and 38 in the Northern Territory.

 

“Older Australians should particularly be wary of emails pretending to be from utility companies, with people over 65 reporting the most fake utility billing scam incidents,” Ms Rickard said.

“I advise consumers to contact their communications or energy provider directly via the company’s official channels to verify that the email or letter is actually from them.”

“Customers should never use the contact details provided on the suspicious email or letter but instead use an independent source to locate contact details such as a past bill or the phone book.”

In one case reported to the ACCC, a customer received a fake Telstra bill in the mail. The bill stated the customer’s account was overdue and immediate payment was needed. The customer dialled the phone number provided and was asked for his date of birth and driver’s licence number to confirm his identity.

“If customers are duped into phoning scammers they will then attempt to steal as much personal information as they can,” Ms Rickard said.

Other tips on how consumers can protect themselves:

If you receive a bill outside of your normal billing cycle, or don’t expect to receive an overdue notice, call your provider to check whether it is legitimate.
If you are not a customer of the company simply delete the email.
Never click on links or open attachments in an email from an unverified sender – they may contain a malicious virus.
Never send money or give credit card details, online account details or personal information to anyone you don’t know or trust and never by email or over the phone.
Keep your computer secure – always update your firewall, anti-virus and anti-spyware software, and only buy from a verified source.

— End —

 

Gobbill is featured in media across Australia

February 13th, 2018 Posted by Case Studies, Gobbill News, Internet Safety, Product Features, Startup, Staysmartonline 0 thoughts on “Gobbill is featured in media across Australia”

Co-founders Quentin Marsh and Shendon Ewans originally came up with the idea for Gobbill in a local pub. The initial concept was to help people pay bills on time.

However, when Shendon’s father fell victim to an email scam and lost his savings, Shendon and his brother Simon (a software engineer with Gobbill) took action. Email scams are rapidly increasing across Australia and around the world. Gobbill has now built in extra fraud protection and offers a solution for those looking to protect themselves from potential email scams.

Read the Sydney Morning Herald article.

Read The Age article.

 

ACCC reports online scam losses total nearly $37 million so far in 2017. 45 to 54 y/o most likely to lose money.

October 10th, 2017 Posted by Alerts, Internet Safety, Staysmartonline 0 thoughts on “ACCC reports online scam losses total nearly $37 million so far in 2017. 45 to 54 y/o most likely to lose money.”

This Stay Smart Online Week (9-13 October), the ACCC is warning the community to watch out for common online scams they might encounter.

The online sphere – email, the internet, social media and mobile apps – has overtaken telephones as scammers’ preferred tool of the trade to contact potential victims. In 2017, the ACCC’s Scamwatch site has received more than 51,000 reports of scammers trying to con people online. Online scam losses total nearly $37 million so far in 2017, with people aged 45 to 54 most likely to lose money.

 

Video transcript.

“It’s difficult to spot a scammer online these days as they  go to great lengths  to trick the public and steal personal information and money,” ACCC Deputy Chair Delia Rickard said.

The top three scams that people are most likely to encounter online are:

  • Phishing – often delivered via email, scammers will pretend to be from well-known businesses and government departments to con unsuspecting victims out of their personal information and money. For example they might say they’re from Apple and you need to reset your password for security reasons, or they may offer you a gift voucher to a major supermarket for completing a ‘survey’.
  • False billing – scammers will pretend to be from a utility provider such as your phone or energy company and send you a fake bill. These scams can be very hard to pick as the fake bills scammers send look authentic.
  • Buying and selling – scammers will trick people who are looking to buy or sell goods online. For example, they may set up a fake online store that sells well-known brands at seemingly too-good-to-be-true prices; or they may set up a fake listing on a classifieds website.

Ms Rickard said there are some simple techniques members of the public can employ to avoid being stung by a scammer online.

“While scammers are often after your money, they’re also trying to steal your personal information, which is just as valuable. It’s important to safeguard your personal details online the same way you would your wallet,” Ms Rickard said.

“If you’re ever contacted out of the blue, particularly via email, by someone asking you to pay a bill, complete a survey or update your passwords, it pays to be sceptical. If it seems too good to be true, it probably is.”

“If you’re unsure about the legitimacy of something online like a store, classified listing or email you receive, do you own research as others who have been stung by scammers will often post warnings for others. There are also plenty of very useful tips and advice at www.scamwatch.gov.au to avoid being stung by online scams,” Ms Rickard said.

Source and to see more information about Stay Smart Online Week.

Australians lost $12.5M to scams last month. Older women are the hardest hit.

September 22nd, 2017 Posted by Alerts, Financial Management, Gobbill News, Staysmartonline 0 thoughts on “Australians lost $12.5M to scams last month. Older women are the hardest hit.”

Gobbill processes 3 times more bills in the last month of each quarter, with installments such as council rates and some electricity bills coming up for payment. This makes this period the ideal time for scammers to target individuals with fraudulent bills.

It’s always good to keep a close eye on your email inbox. Statistics show that online scams are a growing issue, with huge losses to scams over August this year. Australians lost $12.5M in scams last month (August 2017), which is almost double compared to the same time last year. Email fraud makes up an estimated 27% of all scams, with an estimated total of $3.4M lost last month. The hardest hit by scams are older women. Apart from being aware and cautious of scams, keep yourself protected with Gobbill to help check and pay email bills.

August 2017 – Number of reports by Age and Gender

Source: Scamwatch

 

Gobbill is a partner of the Commonwealth Government Stay Smart Online program. In recent months, the Government Cyber program has issued a number of alerts of new phishing emails carrying malware. The emails pretend to come from a number of Australian institutions including Telstra, Origin Energy and AGL.

Find out more about Gobbill. It’s free to use service that protects you from email bill scams.

EnergyAustralia dragged into major phishing scam

June 21st, 2017 Posted by Alerts, Internet Safety, Staysmartonline 0 thoughts on “EnergyAustralia dragged into major phishing scam”

EnergyAustralia is being impersonated by cyber criminals in a malware campaign reports  IDG ARN. EnergyAustralia has become the second local energy provider caught up in a major email phishing scam after a “large volume” of malicious emails recently began hitting Australian inboxes, according to email security company, MailGuard.

The Melbourne-based company said the realistic-looking email masquerades as an invoice from the energy company, advising customers that the invoice is due in the coming days. Read more at ARN. EnergyAustralia has also issued their own warnings of the fake bills and provided advice to check on the source/sender of the email. Read more at EnergyAustralia.

 

High Alert for ransomware issued by Australian Government cyber security agency.

May 14th, 2017 Posted by Alerts, Internet Safety, Staysmartonline 0 thoughts on “High Alert for ransomware issued by Australian Government cyber security agency.”

Australian Cybercrime Online Reporting Network (ACORN) has today issued a high priority alert to beware of the same ransomware disrupting organisations globally, including the UK’s National Health Service.

What can you do? Keep safe by applying software updates and backing up your data regularly. Use Gobbill to check and pay your email bills. You don’t need to know if it’s a fake bill and you don’t need to click on any links. Simply forward the email to your own @gobbill.com email address and it’s taken care for you. Read more gobbill.com.au

Last week, hackers used tools believed to have been developed by the US National Security Agency which has infected tens of thousands of computers in nearly 100 countries, disrupting Britain’s health system and global shipper FedEx. Australian Cyber Security Centre is tracking the attack campaign which goes by various names including WannaCry. It leverages known vulnerabilities in Microsoft Windows patched since March 2017 making this disruption and impact preventable.

ACORN reports that they are continuing to monitor the situation closely.

——–

New Gobbill users can sign up for a FREE account at gobbill.com.au.

Follow us on Facebook/gobbill to receive further alerts.

 
What is Ransomware?

Ransomware is malicious software that makes data or systems unusable until the victim makes a payment. In this case, cyber extortionists tricked victims into opening malicious malware attachments to spam emails that appeared to contain invoices, job offers, security warnings and other legitimate files reports The Sydney Morning Herald. 

About ACORN.

ACORN provides information on how to recognise and avoid common forms of cybercrime, such as hacking, online scams, online fraud, identity theft, attacks on computer systems and illegal or prohibited content, as well as offering advice to those who have fallen victim.