How I stopped an $18,000 hacker attack on my business
Brenton Moore is one of many business owners who have been preyed upon by scammers. As more than $60m has been lost to hackers in Australia, this is how he beat them.
Anyone paying an invoice where a business’s banking details have changed should be on high alert, experts warn.
Business email compromise (BEC) scams are quickly becoming a multi-million industry for scammers, preying on businesses and individuals where invoices are involved.
Australian Competition and Consumer Commission data shows there were more than $60 million in losses to these types of scams in 2018 alone.
It usually involves a scammer accessing a business’s email or IT system and sending out fake or doctored invoices.
Scammers often trawl the internet looking for chief financial officers, accountants and payroll officers and then target them accordingly, often through their work emails.
They hack into these email accounts, issue invoices pretending to be the business, and send new bank details to the person paying the invoice.
Brenton Moore, who runs media recruitment practice MAARS, said he invoiced a client for $18,000 only for the email conversation to be intercepted by a scammer.
The scammer then issued the client with a fake invoice, which came from Mr Moore’s email.
“It’s beyond your control and it appears to be you because someone has control of your email,” he said.
“We immediately shut down our network and changed our passwords to shut the perpetrator out.”
• Millennials caught by online scams
• David and Libby Koch: How to outsmart scammers
The recipient of Mr Moore’s invoice almost paid the $18,000 bill but when an email from his client questioned the change of banking details, he quickly realised a scammer was involved.
He said his “main grievance” was little was done by the police and banks “to pursue the perpetrators” on the incident which occurred 12 months ago.
The Australian Competition and Consumer Commission’s deputy chair, Delia Rickard, said BEC scams were becoming far more widespread.
“We are seeing local sporting clubs getting stung by this, even people who are going to pay the deposit on their first home are getting stung,” she said.
“It’s a particularly vicious scam, it’s a huge problem and one the banks are aware of and are trying to deal with.
“A red flag is when you are asked to change the payment details where the money is being sent.”
Ms Rickard warned if this happens to “always check” by ringing the business directly.
An Australian Banking Association spokesman said “banks work 24/7 to protect customers and their money and where they can will act to quickly shut down fraudsters.”
“If you think you may have been the victim of a scammer, or if you are unsure of the origins of an email and think it may be a scam, you should urgently contact your financial institution.”
NSW police confirmed Mr Moore’s case was under review and “inquiries into the matter are ongoing”.
Originally published as How I stopped an $18,000 hacker attack on my business
Aussie shares rise on Wall St rebound
Aussie shares crept higher on Wednesday on the back of a Wall St rebound, despite a sharp sell off in heavyweight mining and energy stocks.
FIFO worker’s drunken act in Qantas lounge
Details of how a female FIFO worker sexually harassed two colleagues in a Qantas lounge have been revealed.