Gobbill would have STOPPED this invoice fraud and saved Jane $51,000.
Gobbill would have STOPPED this invoice fraud and saved Jane $51,000.
Welcome to the National Scams Awareness Week 2020!
(Australia and New Zealand)
Gobbill has been a strong supporter in protecting people from against fraud and scams since 2015. We are proud to be a campaign partner for this year’s National Scams Awareness Week.
Throughout this week, we will be raising awareness of scams and frauds. We will focus on Phishing and Email Compromise. These are two areas of scams that Gobbill has extensive experience in confronting.
To kick off the week, we have posted a quiz titled ‘Can you spot a scam?’ on our Instagram page.
If you are here to read the explanations, please keep reading.
If you have not done the quiz, hop off this page and come back to this page for the explanations.
How did you go? Scam emails or texts can look extremely authentic and convincing through replicating legitimate messages from trusted senders.
These scams often feature official looking logos and emails and a ‘call to action’ to open a malicious link or share personal information. That’s why Gobbill has developed automated checks of domains, links and much more over the last 5 years. Gobbill fetches and/or opens attachments safely so you don’t have to.
We do this for all Australian billers including telcos, councils, utilities and many more.
We process payments to over 40,000 billers with over 1m+ Australians already having access to Gobbill’s payment platform.
For more information, contact us at: https://gobbill.com/contact/
The Australia taxation office has received reports that myGov related SMS and email scams are targeting Australians. The increased SMS and email scams coincide with tax time where millions of Australians are accessing and engaging with myGov services.
What do the scams look like?
These myGov related scams looks as if they have been sent from a myGov or ATO email address. Scammers utilise technology that allows emails to be sent in a similar way to conversation threads sent by myGov or ATO messaging.
The call to action in the email is to click a link that asks for your personal details for ‘verification purposes.’ The official advice from ATO is ‘DON’T click any links’ and ‘DON’T provide the information requested.’
Example of a scam message from the Australia Cyber Security Centre. Source: https://www.cyber.gov.au/acsc/view-all-content/alerts/increasing-reports-mygov-related-sms-and-email-scams-targeting-australians
How to protect yourself from myGov related scam:
If a scam email or SMS is delivered to you, do not open the links or provide any personal details or information requested.
For more information visit: https://www.cyber.gov.au/
Police Arrests following Invoice Fraud
NSW Police last week arrested and charged two men over their alleged involvement in a $2.6 million Business Email Compromise (BEC) scam syndicate. The scam involved sending altered invoices to businesses who unknowingly paid the scammers into their accounts.
One of the men is believed by police to be the leader of the syndicate and faces charges related to directing a criminal group. Police allege he gained more than $1.6 million, and unsuccessfully tried to gain nearly another $1 million through email scams from mid-2018 until early this year.
Commander of the NSW Cybercrime Squad, Matthew Craft, said cybercrime presents “a unique challenge for law enforcement”.
“These arrests are a timely reminder for all individuals and businesses to have strong cyber security measures in place for protection,” Craft said.
“During this investigation, officers uncovered a criminal network targeting hard-working Australian businesses through a series of sophisticated email scams,” Det Supt Craft said.
Police charged three other people last year in relation to the same investigation.
Business email compromise scams
Business email compromise (BEC) scams – where finance staff are deceived into paying fake invoices –are becoming increasingly common.
In 2018 alone, it was estimated that Australian businesses lost more than $60 million from this type of scam.
An ice rink in Sydney’s South West fell victim to a BEC scam earlier this year after receiving changed payment details for a new ice resurfacer it was purchasing, transferring $77,000 into an unknown Hungarian bank account.
Currently, the COVID-19 outbreak is creating a new set of challenges for businesses trying to shore up their cyber defences. There has been a rise in the number of coronavirus-related scams in recent weeks. With many Australian businesses trying to operate remotely to help encourage social distancing, networks could be more vulnerable as they are spread away from centralised IT systems.
How can you protect your business?
The Australian Cyber Security Centre has a list of strategies to mitigate the effects of cyber-attacks during the COVID-19, but one of the simplest steps business owners or accountants/bookkeepers can take to reduce their risk is to implement Gobbill as their accounts payable solution.
Gobbill is a simple, affordable bill payment automation and fraud protection tool that protects users from scams like Business Email Compromise. Our unique Know Your Biller process checks every document before it is scheduled to be paid, and intervenes to stop payment of any bills which are suspicious or have been tampered with.
Plans start from $25 per month, with a free 1 month trial on our small business plan.
To arrange a demo contact email@example.com or call 0444 599 715.
Source Articles: https://ia.acs.org.au/article/2020/police-arrest-men-over–2-6m-email-scam.html
|27 March 2020|
The Australian Cyber Security Centre (ACSC) is aware of a significant increase in Australians being targeted with COVID-19 related scams and phishing emails.
In the last three months, the ACSC and the Australian Competition and the Consumer Commission’s (ACCC) Scamwatch has received over 140 reports from individuals and businesses across Australia.
These phishing emails are often sophisticated, preying on people’s desire for information and imitating trusted and well-known organisations or government agencies.
Clicking on these malicious links or visiting fake websites may automatically install computer viruses or malware and ransomware onto your device, giving cyber criminals the ability to steal your financial and personal information.
These scams are likely to increase over the coming weeks and months and the ACSC strongly encourages organisations and individuals to remain alert.
Here are some examples of what to look out for now:
Example 1: SMS phishing scam messages offering where to get tested for COVID-19 or how to protect yourself In these examples, the SMS appears to come from ‘GOV’ or ‘GMAIL’, with a malicious link to find out where to get tested in your local area.
Scamwatch and the ACSC is also aware of a SMS scam using the sender identification of ‘myGov.’ These scam messages are appearing in the same conversation threads as previous official SMS messages you may have received from myGov.
Example 2: COVID-19 phishing email impersonating Australia Post to steal personal information
Under the pretence of providing advice about travelling to countries with confirmed cases of COVID-19, this phishing email aims to trick you into visiting a website that will steal your personal and financial information.
Once they have your personal information, the scammers can open bank accounts or credit cards in your name, often using these stolen funds to purchase luxury items or transfer the money into untraceable crypto-currencies such as bitcoin.
Example 3: Phishing emails pretending to be an international health sector organisation
This is an example of one COVID-19 themed phishing email where the sender is pretending to be a well-known international health organisation. The email prompts you to click on the web link to access information about new cases of the virus in your local area, or to open an attachment for advice on safety measures to prevent the spread.
Example 4: Phishing emails containing malicious attachments In this example, the phishing email is pretending to be from the World Health Organization and prompts you to open an attachment for advice on safety measures to prevent the spread of COVID-19. When opened, the attached file contains malicious software that automatically downloads onto your device, providing the scammer with ongoing access to your device.
Example 5: COVID-19 relief payment scam Scammers are also sending phishing emails targeting an increasing number of Australians that are seeking to work from home, wanting to help with relief efforts or requiring financial assistance if they find themselves out of work. In this example, the email offers recipients $2,500 in ‘COVID-19 assistance’ payments if they complete an attached application form. Opening the attachment may download malicious software onto your device. How do I stay safe?The ACSC has produced a detailed report, including practical cyber security advice that organisations and individuals can follow to reduce the risk of harm.
You can read the report and protect yourself by following these simple steps:Read the message carefully, and look for anything that isn’t quite right, such as tracking numbers, names, attachment names, sender, message subject and hyperlinks.If unsure, call the organisation on their official number, as it appears on their website and double check the details or confirm that the request is legitimate. Do not contact the phone number or email address contained in the message, as this most likely belongs to the scammer.Use sources such as the organisation’s mobile phone app, web site or social media page to verify the message. Often large organisations, like Australia Post, will have scam alert pages on their websites, with details of current known scams using their branding, to watch out for.If you’ve received one of these messages and you’ve clicked on the link, or you’re concerned your personal details have been compromised, contact your financial institution immediately.
More informationIf you’ve suffered financial loss from cybercrime, report it to ReportCyber at www.cyber.gov.au/report.
Visit cyber.gov.au for advice to help businesses stay secure from cyber threats, whilst managing a remote workforce.
To stay up to date on the latest online threats and how to respond, sign up to the Stay Smart Online Alert Service, www.staysmartonline.gov.au/alert-service.
More advice and support is available on our Get help page.
For information on the COVID-19 pandemic, visit https://www.health.gov.au The information provided here is of a general nature. Everyone’s circumstances are different. If you require specific advice you should contact your local technical support provider. Feedback
Thank you to those subscribers who have provided feedback to our Alerts and Newsletters. We are very interested in your feedback and where possible take on board your suggestions or requests.
This information has been prepared by the ACSC. It was accurate and up to date at the time of publishing.
This information is general information only and is intended for use by private individuals and small to medium sized businesses. If you are concerned about a specific cyber security issue you should seek professional advice.
The Commonwealth and all other persons associated with this advisory accept no liability for any damage, loss or expense incurred as a result of the provision of this information, whether by way of negligence or otherwise.
Nothing in this information (including the listing of a person or organisation or links to other web sites) should be taken as an endorsement of a particular product or service.
Please note that third party views or recommendations included in this information do not reflect the views of the Commonwealth, or indicate its commitment to a particular course of action. The Commonwealth also cannot verify the accuracy of any third party material included in this information.
More details: https://www.staysmartonline.gov.au/alert-service/widespread-reports-covid-19-malicious-scams-being-sent-australians
You are receiving this message at the address firstname.lastname@example.org.
If you no longer wish to receive this information, you can unsubscribe. © 2020 Australian Government.All rights reserved.
Source: ACCC Swamwatch 24 April 2018
The ACCC is warning consumers to beware of scammers impersonating energy and telecommunications providers and demanding payments.
Scamwatch has received 5000 reports of fake billing scams in the last 12 months, with reported losses of close to $8000.
“The scammers typically impersonate well known companies such as Origin, AGL, Telstra and Optus via email, to fool people into assuming the bills are real,” ACCC Deputy Chair Delia Rickard said.
“They send bulk emails or letters which include a logo and design features closely copied from the genuine provider. The bill states the account is overdue and if not paid immediately the customer will incur late charges or be disconnected.”
“Alternatively, the bill may claim that the customer has overpaid and is owed a refund or it may simply say the bill is due and ready to pay,” Ms Rickard said.
New South Wales residents reported the highest number of incidents of the fake billing scam, with 1779 households reporting being victims, compared to 1275 in Queensland and 1245 in Victoria, 485 in Western Australia, 462 in South Australia, 132 in the ACT, 117 in Tasmania and 38 in the Northern Territory.
“Older Australians should particularly be wary of emails pretending to be from utility companies, with people over 65 reporting the most fake utility billing scam incidents,” Ms Rickard said.
“I advise consumers to contact their communications or energy provider directly via the company’s official channels to verify that the email or letter is actually from them.”
“Customers should never use the contact details provided on the suspicious email or letter but instead use an independent source to locate contact details such as a past bill or the phone book.”
In one case reported to the ACCC, a customer received a fake Telstra bill in the mail. The bill stated the customer’s account was overdue and immediate payment was needed. The customer dialled the phone number provided and was asked for his date of birth and driver’s licence number to confirm his identity.
“If customers are duped into phoning scammers they will then attempt to steal as much personal information as they can,” Ms Rickard said.
Other tips on how consumers can protect themselves:
If you receive a bill outside of your normal billing cycle, or don’t expect to receive an overdue notice, call your provider to check whether it is legitimate.
If you are not a customer of the company simply delete the email.
Never click on links or open attachments in an email from an unverified sender – they may contain a malicious virus.
Never send money or give credit card details, online account details or personal information to anyone you don’t know or trust and never by email or over the phone.
Keep your computer secure – always update your firewall, anti-virus and anti-spyware software, and only buy from a verified source.
— End —
Co-founders Quentin Marsh and Shendon Ewans originally came up with the idea for Gobbill in a local pub. The initial concept was to help people pay bills on time.
However, when Shendon’s father fell victim to an email scam and lost his savings, Shendon and his brother Simon (a software engineer with Gobbill) took action. Email scams are rapidly increasing across Australia and around the world. Gobbill has now built in extra fraud protection and offers a solution for those looking to protect themselves from potential email scams.
This Stay Smart Online Week (9-13 October), the ACCC is warning the community to watch out for common online scams they might encounter.
The online sphere – email, the internet, social media and mobile apps – has overtaken telephones as scammers’ preferred tool of the trade to contact potential victims. In 2017, the ACCC’s Scamwatch site has received more than 51,000 reports of scammers trying to con people online. Online scam losses total nearly $37 million so far in 2017, with people aged 45 to 54 most likely to lose money.
“It’s difficult to spot a scammer online these days as they go to great lengths to trick the public and steal personal information and money,” ACCC Deputy Chair Delia Rickard said.
The top three scams that people are most likely to encounter online are:
Ms Rickard said there are some simple techniques members of the public can employ to avoid being stung by a scammer online.
“While scammers are often after your money, they’re also trying to steal your personal information, which is just as valuable. It’s important to safeguard your personal details online the same way you would your wallet,” Ms Rickard said.
“If you’re ever contacted out of the blue, particularly via email, by someone asking you to pay a bill, complete a survey or update your passwords, it pays to be sceptical. If it seems too good to be true, it probably is.”
“If you’re unsure about the legitimacy of something online like a store, classified listing or email you receive, do you own research as others who have been stung by scammers will often post warnings for others. There are also plenty of very useful tips and advice at www.scamwatch.gov.au to avoid being stung by online scams,” Ms Rickard said.
Source and to see more information about Stay Smart Online Week.
Gobbill processes 3 times more bills in the last month of each quarter, with installments such as council rates and some electricity bills coming up for payment. This makes this period the ideal time for scammers to target individuals with fraudulent bills.
It’s always good to keep a close eye on your email inbox. Statistics show that online scams are a growing issue, with huge losses to scams over August this year. Australians lost $12.5M in scams last month (August 2017), which is almost double compared to the same time last year. Email fraud makes up an estimated 27% of all scams, with an estimated total of $3.4M lost last month. The hardest hit by scams are older women. Apart from being aware and cautious of scams, keep yourself protected with Gobbill to help check and pay email bills.
August 2017 – Number of reports by Age and Gender
Gobbill is a partner of the Commonwealth Government Stay Smart Online program. In recent months, the Government Cyber program has issued a number of alerts of new phishing emails carrying malware. The emails pretend to come from a number of Australian institutions including Telstra, Origin Energy and AGL.
Find out more about Gobbill. It’s free to use service that protects you from email bill scams.
EnergyAustralia is being impersonated by cyber criminals in a malware campaign reports IDG ARN. EnergyAustralia has become the second local energy provider caught up in a major email phishing scam after a “large volume” of malicious emails recently began hitting Australian inboxes, according to email security company, MailGuard.
The Melbourne-based company said the realistic-looking email masquerades as an invoice from the energy company, advising customers that the invoice is due in the coming days. Read more at ARN. EnergyAustralia has also issued their own warnings of the fake bills and provided advice to check on the source/sender of the email. Read more at EnergyAustralia.